VMs are removed from the NSX exclusion list
Article ID: 327380
Updated On:
Products
VMware NSX Networking
Issue/Introduction
Symptoms:
- VMs removed from the NSX exclusion list while editing it using the vSphere Web client.
- NSX version used is 6.4 (any versions).
- vSphere version used is 6.5 or higher.
Environment
VMware NSX Data Center for vSphere 6.4.x
Cause
The the vSphere Web client form used to modify the NSX exclusion list has 2 panes, the left pane which lists vCenter inventory and right pane which lists NSX Manager current exclusion list as shown in the image below:
The right pane is populated using an API call on the NSX Manager to retrieve the current exclusion list.
If the form’s "OK" button is clicked while the right pane is not yet populated, the form will send an update command to the NSX Manager with an empty list, which the NSX Manager will translate into a request to clear the exclusion list.
Resolution
This issue is fixed in VMware NSX Data Center for vSphere 6.4.6
Workaround:
To workaround and prevent the issue from occurring, use either of the methods below: 
Workaround:
To workaround and prevent the issue from occurring, use either of the methods below:
- Ensure the right pane of the exclusion list form displays the correct exclusion list (check the number of excluded VM as shown in the image below) before clicking the "OK" button.
- Use API call to add/remove VMs from the exclusion list instead of the vSphere Web client. Refer to the NSX 6.4 API guide for APIs to add/remove VMs from the exclusion list.
Additional Information
Impact/Risks:
VMs are removed from exclusion list causing Distributed Firewall to be applied to those VMs.
VMs are removed from exclusion list causing Distributed Firewall to be applied to those VMs.
Feedback
Yes
No
Powered by
