Steer Traffic from Guests that are not Running VMware Tools
VMware Tools contains a utility that allows
the NSX-V Manager to collect the IP address(es) of each guest running
in the cluster. NSX-V Manager uses the IP address as a match criterion
to steer traffic to the VM-Series firewall. If you do not have VMware
tools installed on each guest, the IP address(es) of the guest is
unavailable to the NSX-V Manager and traffic cannot be steered to
the VM-Series firewall.
The following steps allow you to manually
provision guests without VMware Tools so that traffic from each
of these guests can be managed by the VM-Series firewall.
Create an IP set that includes the guests that
need to be secured by the VM-Series firewall. This IP set will be
used as the source or destination object in an NSX-V distributed firewall
rule in step
Step 2 below.
and enter the IP
address of each guest that does not have VMware tools installed,
and needs to be secured by the VM-Series firewall. Use commas to
separate individual IP addresses; IP ranges or subnets are not valid.
the IP sets to the Security Groups on NSX-V, to enforce policy.