Hello guys.
I'm facing a problem using vRealize Log Insight to log VLAN Backend traffic.
I created a VLAN Backend segment, and all my VMs are attached to this port-group segment and working well. I created two Distributed Firewall rules, one called Catchall-Inbound and the other Catchall-Outbound, with the source and destination being this VLAN Backend subnet. These two rules have any destination and any source for any services.
I enabled the "Logging" option on each DFW rule and set a Log Label to find the rules more easily in vRealize Log Insight. I am sure that these two rules are working, because when I disable both rules the traffic immediately stops. But in vRealize Log Insight, when I go to the event tabs, I can't see any traffic for these two rules. However, when I set the DFW to accept traffic from Overlay Networking, vRealize Log Insight immediately shows all the traffic.
My doubt is: can the NSX-T DFW rules and vRealize Log Insight only log traffic coming from overlay networks? Or can we do the same for a VLAN Backend Segment, since we can normally apply DFW rules to the VLAN Backend Segment?