How to restore DFW with backup file
Article ID: 378110
Updated On:
Products
Issue/Introduction
This KB explains how to take DFW backup and restore
Environment
NSX-T 4.x
Resolution
To backup and restore DFW ,you have to export DFW configuration to take the backup and import the same configuration while restoring it.
Below are the steps involved.
1.Export or Import a Firewall Configuration
2.Save or View a Firewall Draft
3.Load and publish DFW config from draft.
1.Export or Import a Firewall Configuration
For DFW backup you have to export the DFW configurations , for restore you can import the same config.
Note
When importing rules with groups, the groups must be created on the destination environment without typos. If not, you will get a Deleted_Object error message instead of the group name when importing the rules.
Editing the name of the Group to fix the typo does not fix the issue, because the UUID stays with the the original name.
2.Save or View a Firewall Draft
The imported configuration does not directly restore the backup but it is saved as a manual draft in NSX. You can view the draft to see what kind of configuration will restore.
3.Load and publish DFW config from draft.
Now you can select the configuration which has been imported and load the draft and publish it. This will restore the DFW configuration
Note: Only DFW rule definition is restored not group definition. User need to ensure all the group/inventory definition are are created before they restored DFW configuration. Group/inventory definition are included as a part of NSX manager backup not in DFW export.
Feedback
