Solved: Re: Without syslog, how can I view the allowed/den...

vmmed1 · ‎11-17-2017

I am trying to troubleshoot traffic to a VIP and trying to determine if the NSX Edge firewall is blocking or not. I am looking into getting syslogging working correctly

for this. But in the mean time perhaps a way I can view allow/deny some other way? Thank you.

ASIS_Intl · ‎11-21-2017

Erik has the correct answer for working in the NSX GUI. Likewise, Network Insight would give you great insight to firewall block actions taken in NSX.

If you are looking for live views, Flow Monitor does work, but you may have an easier time doing it from the CLI of the ESG in question. Don't have a link handy, but I was just going through this process yesterday and viewing overall flow statistics and live drops by the ESG firewall on the CLI. It was maddeningly easy and answered several questions I had far easier than the GUI has ever done for me. This is on a 6.2 environment.

Hope this helps!

View solution in original post

erikverbruggen · ‎11-21-2017

You can use Flow Monitoring or Application Rule Manager features to be able to see the network traffic and the firewall rules it hits.

Flow Monitor

Flow Monitoring

Application Rule Manager

ASIS_Intl · ‎11-21-2017

Erik has the correct answer for working in the NSX GUI. Likewise, Network Insight would give you great insight to firewall block actions taken in NSX.

If you are looking for live views, Flow Monitor does work, but you may have an easier time doing it from the CLI of the ESG in question. Don't have a link handy, but I was just going through this process yesterday and viewing overall flow statistics and live drops by the ESG firewall on the CLI. It was maddeningly easy and answered several questions I had far easier than the GUI has ever done for me. This is on a 6.2 environment.

Hope this helps!

All

Without syslog, how can I view the allowed/denied traffic by the NSX Edge firewall? Is there a means?