Creating stateful firewall rule with Cloud Director UI

Article ID: 420629


Products

VMware Cloud Director

Issue/Introduction

  • Firewall rules created with the Cloud Director UI are not stateful.
  • When the firewall rules are checked on the following screen in the NSX Manager UI, they are shown as stateless.

    Security -> Gateway Firewall -> Gateway Specific Rules -> target policy -> Advanced Configuration
  • On T-1 gateways, rules applied on the Edge are implemented as stateless entries where they are supposed to be stateful.

Environment

VMware Cloud Director 10.6.1

Cause

Starting with VMware Cloud Director 10.6.1, you can create stateful firewall rules.
The default setting is to create stateless rules.

Resolution

  1. Enable the stateful firewall on the Edge Cluster.
    1. Log in to the Cloud Director provider UI as a system administrator.
    2. Navigate to 'Resources -> Infrastructure Resources -> NSX-T -> NSX-T Edge Clusters -> Edge Cluster Name'.
    3. In the 'General' page click 'EDIT'.
    4. Click the 'Stateful Firewall' slider to enable it.
    5. Click 'SAVE'.
  2. Deploy a new Edge gateway in order for this new gateway to use the stateful firewall.

Note: Changing the Stateful Firewall setting has no impact on already deployed edge gateways.

Additional Information

Managing NSX Edge Gateways in VMware Cloud Director Service Provider Admin Portal