VMware NSX IDPS rules not supported on VMware NSX load balancer


Article ID: 322431


Updated On:

Products

VMware NSX Networking

Issue/Introduction

  • You are using VMware NSX IDPS.
  • You have a VMware NSX load balancer deployed.
  • You have applied IDPS rules in Detect Only or Detect and Prevent mode under IDS/IPS & Malware Prevention - Gateway Rules - Gateway Specific Rules - <Tier 1 Logical Router>.
  • There are IDPS rules applied to a VMware NSX Tier 1 Logical Router.
  • This VMware NSX Tier 1 Logical Router has a VMware NSX load balancer configured on it.
  • SSH and SCP traffic destined for the VMware NSX load balancer VIP does not work.
  • When the IDPS rule applied to the VMware NSX Tier 1 is disabled, SSH and SCP traffic flows again.


Environment

VMware NSX-T

Resolution

Configuring IDPS in either Detect Only or Detect and Enforce mode on a VMware NSX Tier 1 logical router configured with a VMware NSX load balancer is not a supported configuration.
Do not apply IDPS rules to a VMware NSX Tier 1 logical router which has a VMware NSX load balancer configured.