Micro-segmentation with NSX-T (part 2: Methodology in action)

Now that we have learned the theory in Microsegmentation with NSX-T (part 1: methodology), we can look at the application of this methodology in practice. Methodology in action So after all this, let's see a little bit of this methodology in action. First of all, it is important to know which traffic is flowing in …

Continue reading Micro-segmentation with NSX-T (part 2: Methodology in action)

Microsegmentation with NSX-T (part 1: methodology)

After a number of blogs on network-virtualization, I thought it was time to start writing some blogs on another of the major three use cases: Security, through micro-segmentation. In my line of work most organizations where I implement NSX (first V and now T) are primarily interested in the security aspects of the product. In …

Continue reading Microsegmentation with NSX-T (part 1: methodology)

Distributed Multi-Tier Routing in NSX-T

I learned something today, which in hindsight is obvious. Hopefully this helps someone that runs into the same "strange" (but not so strange) behavior. I created the following topology today, to prepare for some NSX-T demo I am giving tomorrow: What I (among other stuff) wanted to show, was that routing between Test-Segments "D" and …

Continue reading Distributed Multi-Tier Routing in NSX-T

Integrating NSX-T with Active Directory for RBAC (through VMware Identity Manager)

So after using NSX-T for a while, with the built-in admin account, it is time to look into using RBAC for some granular control over who is allowed to do what, within NSX. So with NSX-T it isn't as straight forward as it was in NSX-V. Integrating logins with AD requires a bit more work. …

Continue reading Integrating NSX-T with Active Directory for RBAC (through VMware Identity Manager)

Resetting expired admin password on NSX-T

So apparently it has been 90 days since the deployment of NSX-T and therefor, time for the admin password to expire ;): Unfortunately, this doesn't give you the opportunity to login and then change the password (a feature I would really appreciate), but a reset is necessary. In the online documentation (https://docs.vmware.com/en/VMware-NSX-T-Data-Center/2.4/administration/GUID-8816B842-2EC4-40A8-A618-F68DB29FABD2.html) the reset is …

Continue reading Resetting expired admin password on NSX-T

NSX-T: Missing locale data for the locale “XX”.

So, as you may know, I am from the Netherlands (or Holland, although technically I am not, but that is a different discussion ;)). So within my lab-environment I sometimes use Dutch as the language-setting, for instance within Firefox, the browser I use(d) to configure NSX-T. But this issue also occurs in Chrome. Within IE …

Continue reading NSX-T: Missing locale data for the locale “XX”.

Load Balancing with NSX-T – Part 1

So after I looked at the installation, the fabric and routing and switching, it is time to take a look at the higher level networking functions within NSX-T, like Load Balancing. The functionality itself has not changed very much since NSX-T (compared to V), but the way that it is consumed is different. As described in an earlier blog (Routing with NSX-T (part 1)), NSX-T uses multiple entities within it's fabric. Two of which being tier-0 and tier-1 gateways and load balancing can only exist on a tier-1 gateway. So when you use Load Balancing within NSX-T you have to deploy both tier-0 and tier-1 components.