• NSX DFW IPFIX has been enabled in VMware Aria Operations for Networks.
• The 'dfwipfix' is not in the list of ESXi firewall outgoing rules.
• The ESXi host has no virtual machine running.

VMware vSphere ESXi 8.0.x
VMware NSX 4.x
VMware vRealize Network Insight 3.x

NSX DFW is a distributed firewall. If there is no virtual machine in ESXi host connecting to NSX segment, the DFW is not being used in the host where the IPFIX is expectedly not effective. Then the 'dfwipfix' is not in the firewall outgoing rules.

• The behavior is expected and working as design.
• In the ESXi host connecting virtual machine to NSX segment make the 'dfwipfix' available in the firewall outgoing list.