The default Edge gateway firewall rule on Tenant is set to Deny all. We need to must create the firewall rules for traffic to virtual service services from the internet. More detail on edge way firewall.
- 1. Create IP set
Step 1:
Log in to the HI GIO PORTAL as an Organization Administrator and Navigate to
Step 2: Networking > Edge Gateway > Security > IP Sets.
Press NEW to define the IP Set for VIPs.·
Name: type IP Set name (example VIP-Web)
IP Address: type IP
Address or IP Range (this IP for VIP that was created before).
- 2. Create
- an Edge Firewall Rule
Step 1: Log in to the HI GIO PORTAL as an Organization Administrator and Navigate to
Networking > Edge Gateway > Services > Firewall.
Step 2: Press EDIT RULES to add NEW RULE for VIPs.
Name: type Rule name (example Allow_VSWeb)
Applications: choose your application types (example: HTTP and HTTPS)
Source: Any (for internet users)
Destination: Select IP Set configured before (example VS_192.168.2.10)
Action: Allow
Step 3: Click Save to complete EDIT RULES
Note |
In case we’re using a distributed firewall |
in our environment. we should |
create and distribute firewall rules for virtual service and pool |