I am trying to troubleshoot traffic to a VIP and trying to determine if the NSX Edge firewall is blocking or not. I am looking into getting syslogging working correctly
for this. But in the mean time perhaps a way I can view allow/deny some other way? Thank you.
Erik has the correct answer for working in the NSX GUI. Likewise, Network Insight would give you great insight to firewall block actions taken in NSX.
If you are looking for live views, Flow Monitor does work, but you may have an easier time doing it from the CLI of the ESG in question. Don't have a link handy, but I was just going through this process yesterday and viewing overall flow statistics and live drops by the ESG firewall on the CLI. It was maddeningly easy and answered several questions I had far easier than the GUI has ever done for me. This is on a 6.2 environment.
Hope this helps!
You can use Flow Monitoring or Application Rule Manager features to be able to see the network traffic and the firewall rules it hits.
Flow Monitor
Application Rule Manager
Erik has the correct answer for working in the NSX GUI. Likewise, Network Insight would give you great insight to firewall block actions taken in NSX.
If you are looking for live views, Flow Monitor does work, but you may have an easier time doing it from the CLI of the ESG in question. Don't have a link handy, but I was just going through this process yesterday and viewing overall flow statistics and live drops by the ESG firewall on the CLI. It was maddeningly easy and answered several questions I had far easier than the GUI has ever done for me. This is on a 6.2 environment.
Hope this helps!