NSX-T generates capacity alarm for System Wide Total Gateway Firewall Rules
Article ID: 387011

Products

VMware NSX

Issue/Introduction

  • NSX-T is running version 3.x, 4.0.x or 4.1.x.
  • The NSX-T Manager appliance VM was deployed with the medium form factor.
  • A capacity alarm similar to the one below is shown in the NSX-T UI.

  • Logging similar to the following is also reported in /var/log/syslog on the NSX Manager:

2025-01-28T18:18:20.762Z nsxt-node-02 NSX 3758 MONITORING [nsx@6876 alarmId="05274963-dbc0-47e1-bd6d-c574b2d36c8b" alarmState="OPEN" comp="nsx-manager" entId="xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" errorCode="MP701099" eventFeatureName="capacity" eventSev="HIGH" eventState="On" eventType="maximum_capacity_threshold" level="ERROR" nodeId="xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" subcomp="monitoring"] The number of objects defined in the system for System wide Total Gateway Firewall Rules has reached 401 which is above the maximum capacity threshold of 100.0%.

 

Cause

This is expected behavior: on a medium-size NSX Manager appliance the system-wide total of gateway firewall rules has a max_supported_count of 400, and the alarm is raised once current usage reaches the max_threshold_percentage (100%) of that limit.
The current usage and the limit can be retrieved with the API call GET https://<nsxmanagerIP>/policy/api/v1/infra/capacity/dashboard/usage

For example, the output below shows a max_supported_count of 400 for an NSX medium appliance, with 401 rules currently configured (100.25% of the limit):

    "usage_type" : "NUMBER_OF_GATEWAY_POLICY",
    "display_name" : "System wide Total Gateway Firewall Rules",
    "current_usage_count" : 401,
    "max_supported_count" : 400,
    "min_threshold_percentage" : 70.0,
    "max_threshold_percentage" : 100.0,
    "current_usage_percentage" : 100.25,
    "severity" : "CRITICAL"  
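As an added example (not part of this KB article and not VMware's code), the following Python script evaluates a capacity dashboard API response against the min/max threshold percentages and parses the MP701099 capacity alarm line from syslog. The API URL and field names are the ones quoted above; the assumption that the response wraps the entries in a "capacity_usage" list, the basic-auth fetch helper, and the sample entries other than the gateway firewall rules one are assumptions. The sample response and log line are constructed from the fragments shown in this article.

```python
"""Added example: evaluate NSX capacity usage and parse NSX capacity alarm syslog lines.

Assumptions (not taken from the KB article): the capacity usage API returns a JSON
object whose "capacity_usage" key holds the list of usage entries, and the sample
response and log line below are constructed from the fragments quoted in the article.
"""
import base64
import json
import re
import ssl
import urllib.request

# Constructed sample response, modelled on the API fragment in the article.
SAMPLE_RESPONSE = {
    "capacity_usage": [
        {   # the entry quoted in the article: 401 rules against a limit of 400
            "usage_type": "NUMBER_OF_GATEWAY_POLICY",
            "display_name": "System wide Total Gateway Firewall Rules",
            "current_usage_count": 401,
            "max_supported_count": 400,
            "min_threshold_percentage": 70.0,
            "max_threshold_percentage": 100.0,
            "current_usage_percentage": 100.25,
            "severity": "CRITICAL",
        },
        {   # constructed entry between the min and max thresholds (warning level)
            "usage_type": "NUMBER_OF_GROUPS",
            "display_name": "System wide Groups",
            "current_usage_count": 750,
            "max_supported_count": 1000,
            "min_threshold_percentage": 70.0,
            "max_threshold_percentage": 100.0,
            "current_usage_percentage": 75.0,
            "severity": "WARNING",
        },
        {   # constructed healthy entry for contrast
            "usage_type": "NUMBER_OF_SEGMENTS",
            "display_name": "System wide Segments",
            "current_usage_count": 120,
            "max_supported_count": 1000,
            "min_threshold_percentage": 70.0,
            "max_threshold_percentage": 100.0,
            "current_usage_percentage": 12.0,
            "severity": "INFO",
        },
    ]
}

# Constructed syslog line in the format quoted in the article (entId/nodeId omitted).
SAMPLE_LOG = (
    '2025-01-28T18:18:20.762Z nsxt-node-02 NSX 3758 MONITORING [nsx@6876 '
    'alarmId="05274963-dbc0-47e1-bd6d-c574b2d36c8b" alarmState="OPEN" comp="nsx-manager" '
    'errorCode="MP701099" eventFeatureName="capacity" eventSev="HIGH" eventState="On" '
    'eventType="maximum_capacity_threshold" level="ERROR" subcomp="monitoring"] '
    'The number of objects defined in the system for System wide Total Gateway Firewall '
    'Rules has reached 401 which is above the maximum capacity threshold of 100.0%.'
)

# RFC 5424 structured-data block "[nsx@6876 k="v" ...]" followed by the free-text message.
SD_RE = re.compile(r'\[nsx@6876 (?P<sd>[^\]]*)\] (?P<msg>.*)$')
KV_RE = re.compile(r'(\w+)="([^"]*)"')
MSG_RE = re.compile(r'for (?P<name>.+?) has reached (?P<count>\d+) which is above '
                    r'the maximum capacity threshold of (?P<pct>[\d.]+)%')


def evaluate_capacity(response):
    """Recompute usage percentages from the raw counts and return the entries that are
    at or above their min (WARNING) or max (CRITICAL) threshold, in API order."""
    findings = []
    for entry in response.get("capacity_usage", []):
        limit = entry.get("max_supported_count", 0)
        if not limit:
            continue  # 0 or missing: no published limit for this object type
        pct = round(entry["current_usage_count"] * 100.0 / limit, 2)
        if pct >= entry["max_threshold_percentage"]:
            level = "CRITICAL"
        elif pct >= entry["min_threshold_percentage"]:
            level = "WARNING"
        else:
            continue
        findings.append({"usage_type": entry["usage_type"], "display_name": entry["display_name"],
                         "current": entry["current_usage_count"], "limit": limit,
                         "percent": pct, "level": level})
    return findings


def parse_capacity_alarm(line):
    """Return the alarm fields of an NSX capacity alarm syslog line, or None for other lines."""
    m = SD_RE.search(line)
    if not m:
        return None
    fields = dict(KV_RE.findall(m.group("sd")))
    if fields.get("eventFeatureName") != "capacity":
        return None
    msg = MSG_RE.search(m.group("msg"))
    return {"alarm_id": fields.get("alarmId"), "error_code": fields.get("errorCode"),
            "event_type": fields.get("eventType"), "severity": fields.get("eventSev"),
            "usage_name": msg.group("name") if msg else None,
            "count": int(msg.group("count")) if msg else None}


def fetch_capacity_usage(manager_host, username, password, cafile=None):
    """Query the capacity dashboard API (URL from the article) with HTTP basic auth.
    TLS verification stays on; pass cafile for a private CA instead of disabling it."""
    url = f"https://{manager_host}/policy/api/v1/infra/capacity/dashboard/usage"
    token = base64.b64encode(f"{username}:{password}".encode()).decode()
    req = urllib.request.Request(url, headers={"Authorization": f"Basic {token}",
                                               "Accept": "application/json"})
    with urllib.request.urlopen(req, context=ssl.create_default_context(cafile=cafile),
                                timeout=30) as resp:
        return json.load(resp)


if __name__ == "__main__":
    for f in evaluate_capacity(SAMPLE_RESPONSE):
        print(f"{f['level']:8} {f['display_name']}: {f['current']}/{f['limit']} ({f['percent']}%)")
    print(parse_capacity_alarm(SAMPLE_LOG))
```

Run against a live manager by replacing SAMPLE_RESPONSE with fetch_capacity_usage(...). Recomputing the percentage from the counts rather than trusting current_usage_percentage makes the check usable on historical exports where the severity field may already be stale.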

Resolution

There are a few options to clear the alarm on an NSX medium appliance:

  • Reduce the number of gateway firewall rules by deleting unneeded rules or consolidating the rule configuration.
  • Resize the NSX Manager appliance from the medium form factor to large.
  • Upgrade NSX to version 4.2.x.

Additional Information

The "System Wide Total Gateway Firewall Rules" limit for an NSX-T medium appliance is:

  • Prior to NSX-T 4.2: 400
  • NSX 4.2.x: 10000 (10k)