IP translation is seen for RDSH VM using only logon detection through the Event Log Reader


Article ID: 321113


Products

VMware NSX for vSphere

Issue/Introduction

Symptoms:
When the Administrator creates two RDSH-based rules without Guest Introspection deployed:
  1. HRGroup is allowed to access only the FTP server using a VDI client.
  2. HRGroup is allowed to access only the HTTP server using RDSH.
An HR user logs on to an RDSH desktop and incorrectly receives the VDI rule. The Administrator then deploys Guest Introspection (GI). At this point, both the VDI rule and the RDSH rule are incorrectly in effect on the RDSH VM. Any other user who now logs on to the RDSH desktop incorrectly receives both their own RDSH-based rules and the VDI rules that remain in effect from the previous HR user's logon.

Environment

VMware NSX for vSphere 6.4.x

Cause

This issue occurs because logons detected through the Event Log Reader are always treated as VDI logons and result in IP translation, even if they originate from an RDSH VM.

Resolution

This is a known issue affecting VMware NSX for vSphere 6.4.x.

Currently, there is no resolution.

Workaround:
To work around this issue:

  • When using RDSH-based rules, configure only GI for logon detection (do not configure log scraping).
  • If using both the Guest Introspection and log scraping logon detection methods, remove the RDSH server IP address information from the host in "getaddrsets" after reinstalling GI.