NSX Load Balancer - Application Rules ignored for HTTPS Traffic
Article ID: 343049
Products
VMware NSX Data Center for vSphere
Issue/Introduction
Application Rules have been created and applied to a virtual server; however, these rules appear to be ignored.
The same set of application rules works as expected when using HTTP rather than HTTPS.
SSL passthrough is enabled.
Environment
VMware NSX Data Center for vSphere 6.4.x
Cause
This issue occurs because SSL passthrough is enabled on the Load Balancer. With SSL passthrough enabled, the Load Balancer does not decrypt or inspect the traffic, so the application rules have no decrypted request to evaluate. Traffic is sent directly to the servers in the server pool to be decrypted.
Resolution
Use SSL Termination rather than SSL passthrough. Uncheck the SSL Passthrough checkbox in the Application profile.
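To check whether other virtual servers are in the same state, the following added example (not part of the original article and not VMware code) scans an exported load balancer configuration for virtual servers that have application rules bound while their application profile has SSL passthrough enabled. The XML element names and the sample configuration are assumptions constructed for illustration; adjust them to match the configuration you export.

```python
import xml.etree.ElementTree as ET

# Constructed sample; element names are assumptions, not taken from the article.
SAMPLE_CONFIG = """<loadBalancer>
  <applicationProfile>
    <applicationProfileId>applicationProfile-1</applicationProfileId>
    <name>web-passthrough</name>
    <sslPassthrough>true</sslPassthrough>
  </applicationProfile>
  <applicationProfile>
    <applicationProfileId>applicationProfile-2</applicationProfileId>
    <name>web-terminated</name>
    <sslPassthrough>false</sslPassthrough>
  </applicationProfile>
  <virtualServer>
    <name>vs-shop</name>
    <applicationProfileId>applicationProfile-1</applicationProfileId>
    <applicationRuleId>applicationRule-1</applicationRuleId>
  </virtualServer>
  <virtualServer>
    <name>vs-portal</name>
    <applicationProfileId>applicationProfile-2</applicationProfileId>
    <applicationRuleId>applicationRule-1</applicationRuleId>
  </virtualServer>
  <virtualServer>
    <name>vs-legacy</name>
    <applicationProfileId>applicationProfile-1</applicationProfileId>
  </virtualServer>
</loadBalancer>"""

def ignored_rule_bindings(config_xml):
    """Return (virtual server, profile, rule ids) where rules are bound to a passthrough profile."""
    root = ET.fromstring(config_xml)
    passthrough = {}  # profile id -> profile name, only for profiles with SSL passthrough on
    for prof in root.iter("applicationProfile"):
        if (prof.findtext("sslPassthrough") or "").strip().lower() == "true":
            passthrough[prof.findtext("applicationProfileId")] = prof.findtext("name")
    findings = []
    for vs in root.iter("virtualServer"):
        rules = [r.text for r in vs.findall("applicationRuleId")]
        prof_id = vs.findtext("applicationProfileId")
        if rules and prof_id in passthrough:  # rules bound, but traffic is never decrypted
            findings.append((vs.findtext("name"), passthrough[prof_id], rules))
    return findings

if __name__ == "__main__":
    for vs, prof, rules in ignored_rule_bindings(SAMPLE_CONFIG):
        print(f"{vs}: rules {rules} bound, but profile '{prof}' uses SSL passthrough")
```

Each virtual server reported is a candidate for switching its application profile to SSL termination as described in the Resolution.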