When toggling a vApp network firewall off the NSX firewall on the edge gateway remains active in VMware Cloud Director
search cancel

When toggling a vApp network firewall off the NSX firewall on the edge gateway remains active in VMware Cloud Director

book

Article ID: 412593

calendar_today

Updated On:

Products

VMware Cloud Director

Issue/Introduction

When toggling a vApp firewall in VMware Cloud Director 10.6.1.x there is no update to the edge gateway firewall status in NSX.

Environment

VMware Cloud Director 10.6.1.x
NSX 4.x

Cause

This is expected behavior and working by design.

Resolution

When the firewall is enabled on the vApp Network the change being done in NSX is specifically to the firewall rules. The firewall rules defined in Cloud Director are created when the firewall is enabled. The firewall rules are deleted when the firewall is disabled. The default rule of allow will remain enabled in NSX when the vApp firewall is disabled in Cloud Director. 

It is expected that the firewall status in NSX will remain toggled on throughout the changes.

Powered by Wolken Software