After upgrading to SSP 5.1.1, IP-based NSX groups may not appear in the search results when selecting groups during the Policy Recommendation workflow.

The groups still exist in SSP inventory but cannot be found using the group search/autocomplete field in the Recommendation UI.

SSP 5.1.1

In SSP 5.1.1, a backend filtering mechanism was introduced to exclude IP-only groups from appearing when selecting the “Applied-To” field during recommendation generation. This behavior was introduced because IP-only groups cannot be enforced as Applied-To targets for recommended rules.

Due to the current implementation, the same filtering key is also used by the autocomplete search functionality in the Recommendation UI, which unintentionally filters out IP-based groups from the search results when replacing Source or Destination groups during the recommendation review stage.

As a result, these groups are not returned by the search filter, even though they still exist and remain selectable within the UI list.

Currently there is no Resolution

Workaround :

When selecting an existing group during Recommendation → Review → Replace Source/Destination Group:

Open the group selection list.

Instead of using the search field, manually scroll through the list of groups across the available pages.

Locate and select the required IP-based group.

The groups remain present in the dataset and can be selected through manual browsing.