VMware Networking Community
spacemanj
Contributor
Contributor
‎05-24-2018 05:16 AM
Jump to solution

Traffic Steering Firewall Rules

Hi,

Are Network Introspection Traffic Steering rules within a Security Policy dependant on traffic first being permitted by the Firewall Rules for that Policy?

e.g.

Firewall Rules:

     Permit ICMP

     Permit HTTP

     Deny All

Network Introspection

     Redirect SQL

Is an explicit Permit SQL Firewall Rule needed in order for the redirect to work? or is it redirected regardless?

0 Kudos
1 Solution

Accepted Solutions
lhoffer
VMware Employee
VMware Employee
‎05-24-2018 05:53 AM
Jump to solution

You still need a rule to permit the traffic or it will just get dropped as opposed to redirected.  Snippet from the prerequisite portion of the Redirecting Traffic to a Vendor Solution through Logical Firewall​ section of the admin guide:  

  • If the default firewall rule action is set to Block, you must add a rule to allow the traffic to be redirected.

View solution in original post

2 Replies
lhoffer
VMware Employee
VMware Employee
‎05-24-2018 05:53 AM
Jump to solution

You still need a rule to permit the traffic or it will just get dropped as opposed to redirected.  Snippet from the prerequisite portion of the Redirecting Traffic to a Vendor Solution through Logical Firewall​ section of the admin guide:  

  • If the default firewall rule action is set to Block, you must add a rule to allow the traffic to be redirected.
spacemanj
Contributor
Contributor
‎05-24-2018 05:59 AM
Jump to solution

Perfect - thank you!

0 Kudos