We are using Zerto 3.5 U7 to replicate vApps between two vCloud Director instances.
We have a customer who is using vApp networks with firewall rules configured in their vApps. In our current Zerto deployment, when those vApps are failed over the vApp Network is still there inside the recovered vApp but the NAT and firewall rules are not (actually, this customer has NAT disabled but does have FW rules configured). To get around this, we’ve put together some PowerCLI can be run to export the rules to CSV and then import the rules into the vApp after recovery. It works, but it’s not an ideal solution.
I note in the release notes for v4.0 Update 2 the following point:
<p align=”LEFT”>- When protecting a vCD vApp and recovering to vCD, NAT rules for a NAT Router Org network can be saved as part of the VPG definition to be applied during recovery.</p>
This sounds like it could solve our issue, but it mentions only NAT rules, does it not also do the firewall rules?
When protecting a vCD vApp and recovering to vCD, NAT rules for a NAT Router Org network can be saved as part of theVPG definition to be applied during recovery.
I apologize for the delayed response here. I’ve looked into your request and what you read in the release notes is specific to only the NAT rules and not the firewall rules.
I know that you’ve been using a work-around, but if you haven’t already, you can please submit a feature request describing your use case, environment size, and impact for this functionality across your environment. That would be extremely helpful in planning our support for the request.