Firewall rules masked by preceding "Default Layer2 Rule" in VMware Aria Operations for Networks 9.0.0.0
search cancel

Firewall rules masked by preceding "Default Layer2 Rule" in VMware Aria Operations for Networks 9.0.0.0

book

Article ID: 423317

calendar_today

Updated On:

Products

VCF Operations for Networks

Issue/Introduction

  • Firewall rules masked by "Default Layer2 Rule" in VCF Operations for Networks 9.0.0.0

  • This is a system defined alert seen on VCF Operations for Networks GUI.

    Refer to screenshot as below:

Environment

VCF Operations for Networks 9.0.0
VCF Operations for Networks 9.0.1

Cause

This is unexpected behavior. DFW Firewall rules are applied at different layers. But the Firewall masked rule alert should not be raised if the masked rule and masking rules are of different layers.

This issue is seen where Computation of the Alert in VCF Aria Operations for Networks is done correctly as per ETHERNET > EMERGENCY > INFRASTRUCTURE > ENVIRONMENT > APPLICATION.
The segregation of L2 and L3 alerts is  not handled correctly  hence the the Alert for Firewall rules masked by  preceding is triggered.

Resolution

This issue is fixed in Future release of VCF 9.x  

As a workaround, today the only option is to manually  archive the mass masking alerts seen on GUI

To archive the Alerts from VCF Operations for Networks UI:

1. Select the alert in the Open Problems section of the Homepage. Or, enter Problems in the search bar and select an alert from the list.
2. In the more option (three vertical dots), click Archive.

Additional Information

Deactivate/Archive Alerts in VCF Operations for Networks 9.0.0


Click on the Subscribe button in the top right hand corner to subscribe to this knowledge article to get updates on this issue. 

Powered by Wolken Software