VMware Networking Community
mrdlnf80
Contributor
Contributor

Weird issue with DFW

Hi All,

I am facing a weird issue, here is how to reproduce it :

1. Set web server outside NSX cluster, and set listening port to 69

2. Create a client VM inside NSX cluster (with DFW enabled and all rules are default)

3. Access from client VM to that web server http://ipaddress:69

4. The result : client can't access the web server, DFW block it

If i changed listening port of web server to other than 69, then DFW will allow it. Is it also known issue?

Thanks alot

Tags (1)
Reply
0 Kudos
2 Replies
DaleCoghlan
VMware Employee
VMware Employee

There is a known bug with ANY traffic using port 69 that isn't TFTP traffic.

This was introduced with the TFTP ALG in 6.2.3. The issue will be resolved in an upcoming release.

Dale

Reply
0 Kudos
mrdlnf80
Contributor
Contributor

Hi Dale,

Thanks alot for your info

Reply
0 Kudos