After re-enabling the "Distributed Firewall Service" , some Firewall rules do NOT get realized on the ESXi host.
search cancel

After re-enabling the "Distributed Firewall Service" , some Firewall rules do NOT get realized on the ESXi host.

book

Article ID: 395478

calendar_today

Updated On:

Products

VMware vDefend Firewall VMware vDefend Firewall with Advanced Threat Prevention

Issue/Introduction

- After re-enabling the "Distributed Firewall Service" via NSX UI > Security > Distributed Firewall > Settings > General Firewall Settings > Distributed Firewall Service, some Firewall rules do NOT get realized on the ESXi 

- Network traffic is impacted after re-enabling "Distributed Firewall Service".   

Environment

VMware vDefend Firewall

VMware vDefend Firewall with Advanced Threat Prevention

Cause

Turning off distributed services will turn off Distributed Firewall, Identity Firewall, Distributed Intrusion Detection and Prevention Service, Distributed Load Balancer. Turning off firewall rules can make the system vulnerable. Click on 'TURN OFF' button to turn off distributed services.

Resolution

After re-enabling the "Distributed Firewall Service", the User needs to explicitly re-enable Identity Firewall, Distributed Intrusion Detection and Prevention Service, Distributed Load Balancer

Powered by Wolken Software