Error: "Could not disable DFW for entity [name] Org vDCGroup. Cannot deactivate DFW service for VDC Group [name] vDCGroup as the default security policy is still enabled"
search cancel

Error: "Could not disable DFW for entity [name] Org vDCGroup. Cannot deactivate DFW service for VDC Group [name] vDCGroup as the default security policy is still enabled"

book

Article ID: 409194

calendar_today

Updated On:

Products

VMware Cloud Director

Issue/Introduction

  • When trying to delete VDC Group in Tenant UI the following error is seen:

     "Could not disable DFW for entity [name] Org vDCGroup. Cannot deactivate DFW service for VDC Group [Name] vDCGroup as the default security policy is still enabled"

Environment

Cloud Director 10.6.1.1

Cause

By default the Distributed Firewall on a VDC group is disabled. If it's enabled post configuration, then it needs to be disabled manually again before the VDC group is deleted.  If it's not disabled, then this error will occur during a deletion attempt.

Resolution

To resolve this issue:

  1. Within the Tenant UI click "Networking -> Data Center Groups -> [VDC group name] -> Distributed Firewall"
  2. Underneath the "Default Policy Status" section click the 'disable' button to disable Distributed Firewall.
  3. Proceed to deletion of the data center group.
Powered by Wolken Software