Default CGW Firewall Rules rule re-ordering in VMC UI


Article ID: 314097




VMware Cloud on AWS


Compute Gateway (CGW) firewall rules can be added or modified in the VMC UI.

A rule created from the ADD NEW RULE button is placed at the top of the list of rules. Firewall rules are applied in order from top to bottom. To change the position of a rule in the list, select it and drag it to a new position. Click PUBLISH to publish the change.

More details:

Currently, the VMC UI allows users to create user-defined rules and publish them in any order. It also allows users to move these rules below or above the default rules, outside of the user-defined section.

Here is a quick illustration:
User-created rules in the VMC UI [Rule 1, 2 and 3] are initially above the "Default VTI Rule"


User-defined rules in the VMC UI moved below the "Default VTI Rule"



In the NSX Manager UI, the user-created rules are grouped under the "Default" section, and NSX Manager does not allow the rules to be moved out of this section.


However, this option is currently not available in the VMC UI, and the behavior is observed across all SDDC versions, including M12.


This is currently a known behavior, and a feature request is being raised to have it fixed in upcoming releases.

Until then, some rule reordering is needed to rearrange the rules back to the default rule ordering:
  • Move the re-arranged Default rules to the third slot from the bottom of the list, and click PUBLISH.
  • Then move the Default rule again to the second position from the bottom, and click PUBLISH.

Additional Information

When user-defined rules are re-ordered below the Default rules and PUBLISH is clicked, the user-defined rules get rearranged and their order is relocated. To prevent this, rules should not be allowed to be moved out of their section. For example, user-defined rules should not be allowed to be moved below or above the Default rules in the VMC UI.
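
The ordering problem described in this article can be detected from an exported rule list. The following is an added example, not VMware code: the export shape, the field names display_name and sequence_number, and the function audit_rule_order are assumptions, and the sample data is constructed.

```python
import json

# Constructed sample, not real SDDC data. The field names display_name and
# sequence_number are assumptions about how the rule list was exported.
SAMPLE_EXPORT = json.dumps({"rules": [
    {"display_name": "Rule 1", "sequence_number": 10},
    {"display_name": "Default VTI Rule", "sequence_number": 20},
    {"display_name": "Rule 2", "sequence_number": 30},
    {"display_name": "Rule 3", "sequence_number": 40},
]})


def audit_rule_order(export_json, default_names=("Default VTI Rule",)):
    """Flag user-defined rules that sit below a default rule.

    Assumes a lower sequence_number means the rule is higher in the list,
    and therefore applied earlier (rules are applied top to bottom).
    Returns (findings, missing_defaults, duplicate_sequence_numbers).
    """
    rules = json.loads(export_json)["rules"]
    ordered = sorted(rules, key=lambda r: r["sequence_number"])

    # Equal sequence numbers make the effective order ambiguous.
    seen, duplicates = set(), set()
    for rule in ordered:
        seq = rule["sequence_number"]
        (duplicates if seq in seen else seen).add(seq)

    findings, first_default = [], None
    for position, rule in enumerate(ordered, start=1):
        name = rule["display_name"]
        if name in default_names:
            first_default = first_default or name
        elif first_default is not None:
            findings.append(
                {"rule": name, "position": position, "below": first_default})

    present = {r["display_name"] for r in rules}
    missing = [n for n in default_names if n not in present]
    return findings, missing, sorted(duplicates)


if __name__ == "__main__":
    found, missing, dupes = audit_rule_order(SAMPLE_EXPORT)
    for f in found:
        print(f"{f['rule']} is at position {f['position']}, "
              f"below {f['below']}")
    print("missing default rules:", missing, "duplicate sequence:", dupes)
```

Pass any other default rule names present in the SDDC through default_names; only "Default VTI Rule" is named in this article.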