I am facing a weird issue, here is how to reproduce it :
1. Set web server outside NSX cluster, and set listening port to 69
2. Create a client VM inside NSX cluster (with DFW enabled and all rules are default)
3. Access from client VM to that web server http://ipaddress:69
4. The result : client can't access the web server, DFW block it
If i changed listening port of web server to other than 69, then DFW will allow it. Is it also known issue?
There is a known bug with ANY traffic using port 69 that isn't TFTP traffic.
This was introduced with the TFTP ALG in 6.2.3. The issue will be resolved in an upcoming release.
Thanks alot for your info