VMware Advanced Threat Prevention key can be added only if valid ("VMware Firewall") key exists. (Error code: 3035)
search cancel

VMware Advanced Threat Prevention key can be added only if valid ("VMware Firewall") key exists. (Error code: 3035)

book

Article ID: 442463

calendar_today

Updated On:

Products

VMware SDDC Manager / VCF Installer

Issue/Introduction

When attempting to apply a VMware Advanced Threat Prevention license key in NSX (or via SDDC Manager), the operation fails with the following error:

  • "VMware Advanced Threat Prevention key can be added only if valid ("VMware Firewall") key exists. (Error code: 3035)"

 

Additionally, SDDC operationsmanager.log may show:

  • com.vmware.licensecheck.SerialNumException: Invalid serial number: no dormant license file corresponding to the serial number

Environment

  • VCF/SDDC Manager: 5.2.1.2
  • VxRail Manager: 8.0.310-28809519
  • NSX: 4.2.2.1.0.24765084
  • vCenter: 8.0.3 24674346

Cause

The VMware Advanced Threat Prevention key has a licensing dependency. It requires a valid "VMware Firewall" (vDefend) license key to be applied to the NSX deployment first. Without this prerequisite key, the Advanced Threat Prevention key cannot be activated.

Resolution

Ensure that the VMware Firewall license key is applied before attempting to add the Advanced Threat Prevention key.

  1. Log in to the Broadcom Support Portal and locate your VMware Firewall (a.k.a. vDefend) license key.
  2. Navigate to the NSX Manager UI > System > Licenses.
  3. Apply the VMware Firewall license key first.
  4. Once the Firewall license is active, apply the VMware Advanced Threat Prevention key.
  5. (Optional) If applying via SDDC Manager, ensure the NSX Manager root passwords are synchronized in SDDC Password Management before retrying the license propagation.
Powered by Wolken Software