NSX Manager is disconnected from Security Services Platform - vDefend SSP Alarm
search cancel

NSX Manager is disconnected from Security Services Platform - vDefend SSP Alarm

book

Article ID: 384113

calendar_today

Updated On:

Products

VMware vDefend Firewall VMware vDefend Firewall with Advanced Threat Prevention

Issue/Introduction

Problem: The Security Services Platform (SSP) is disconnected from the NSX Manager.

Impact: Actions on the Security Services Platform that require connectivity to the NSX Manager may not work as expected.

Environment

vDefend SSP >= 5.0

Cause

Connectivity to the NSX Manager may be lost due to several factors, including:

  • Firewall Rules: If the traffic to/from the SSP is blocked - specifically on ports 443 and 9092. Please refer to VMware-vDefend Ports and Protocols.

  • Certificate Changes: If certificates on either the NSX Manager or SSP have changed, synchronization may fail, especially during unplanned downtime.

  • DNS Issues: If the Fully Qualified Domain Name (FQDN) used by the SSP is not resolved by the DNS server configured on the NSX Manager.

  • NSX Manager Downtime: If the NSX Manager is down, connectivity will be disrupted.

The current status of the NSX Manager connection can be checked in the SSP UI by navigating to System > NSX Managers.

 

Resolution

Maintenance Window Required: No

To re-establish connectivity to the NSX Manager:

Rule out the potential causes mentioned above, please verify with your network administrator whether any changes were made to the firewall rules, certificates, or DNS settings. Additionally, confirm if there was any planned downtime for the NSX Manager recently and if so, whether those changes have been reverted to their original configurations.

  1. Wait for Automatic Recovery:

    • In many cases, after resolving the root cause (e.g., fixing firewall rules, certificates, DNS issues, or NSX Manager downtime), the connection should automatically recover.

    • It is recommended to wait 5-10 minutes to allow the system to attempt an automatic reconnection before taking manual steps.

  2. If Automatic Recovery Does Not Occur, Manually Reconnect:

    • Navigate to the NSX Manager Pane: In the SSP UI, go to System > NSX Managers.

    • Check the Connectivity Status: If the status remains "Disconnected," click the "Refresh" symbol (the circular arrow) next to the status.

    • Initiate the Reconnection Workflow: A small window will pop up with a Reconnect option. Click Reconnect.

    • Follow the NSX Onboarding Document: You will be prompted to enter the NSX Manager username, password, and certificate and then pass through "Check Compatibility." Please refer Onboard NSX Manager

    • Complete the Reconnection: After entering the required credentials and certificate, the reconnection process will begin. Once successful, the NSX Manager should show as Connected.

  3. Monitor the Alarm Status:

    • After completing the reconnection workflow, the alarm should resolve, and the NSX Manager will show as Connected in the SSP UI.

Please refer to the attached video in the KB for more details.

If the issue persists, please collect the SSP Support Bundle, raise a support ticket for further assistance, and upload the support bundle to the ticket.

Attachments

NSX Manager is disconnected from Security Services Platform movie_1734059648408.mov get_app
Powered by Wolken Software