Hello, sorry for the late reply (blame junk mail filter... didn't see the notification). For your question: yes, I did exactly that, with my .local domain name, I just kept the DNS.1-4 entries. I should have put the full config file in my post. Hope that helped. Christophe
I have no hands-on experience with Federation, so this might be a stupid suggestion, but have you checked that you don't have any unassigned TZ overlays?
Not PowerCLI, but you should be able to retrieve all DFW rules through the API as well. Loop through this to get all policy IDs:

GET /policy/api/v1/infra/domains/<domain-id>/security-policies

Then use the results to loop through this to get an overview of all the rule IDs within each policy:

GET /policy/api/v1/infra/domains/<domain-id>/security-policies/<security-policy-id>/rules

And finally, you could loop this to get the details for every rule within the policy:

GET /policy/api/v1/infra/domains/<domain-id>/security-policies/<security-policy-id>/rules/<rule-id>

This should allow you to output it all in JSON. Alternatively, consider managing the rulebase through IaC, that should give you a permanent overview of your rules in a repository.
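The three-step loop from the post above, as an added example that is not part of the original post. It assumes basic authentication and that list responses carry their objects in `results` with an optional `cursor` for the next page; `nsx_get`, `list_ids`, `export_dfw_rules` and the sample responses are names and data constructed here.

```python
import base64
import json
import urllib.request

def nsx_get(manager, user, password):
    """Return a get(path) callable for authenticated GETs (TLS verification left on)."""
    token = base64.b64encode(f"{user}:{password}".encode()).decode()
    def get(path):
        req = urllib.request.Request(f"https://{manager}{path}",
                                     headers={"Authorization": f"Basic {token}"})
        with urllib.request.urlopen(req) as resp:
            return json.load(resp)
    return get

def list_ids(get, path):
    """Collect the id of every object in a list response, following cursors (assumed)."""
    ids, cursor = [], None
    while True:
        page = get(path + (f"?cursor={cursor}" if cursor else ""))
        ids += [item["id"] for item in page.get("results", [])]
        cursor = page.get("cursor")
        if not cursor:
            return ids

def export_dfw_rules(get, domain_id):
    """Policy id -> list of full rule objects, using the three GET calls in order."""
    base = f"/policy/api/v1/infra/domains/{domain_id}/security-policies"
    export = {}
    for policy_id in list_ids(get, base):
        rules = f"{base}/{policy_id}/rules"
        export[policy_id] = [get(f"{rules}/{rid}") for rid in list_ids(get, rules)]
    return export

# Constructed stand-in for a manager, so the walk can be checked offline.
_B = "/policy/api/v1/infra/domains/default/security-policies"
FAKE_RESPONSES = {
    _B: {"results": [{"id": "web"}], "cursor": "c1"},
    _B + "?cursor=c1": {"results": [{"id": "db"}]},
    _B + "/web/rules": {"results": [{"id": "r1"}, {"id": "r2"}]},
    _B + "/db/rules": {"results": []},
    _B + "/web/rules/r1": {"id": "r1", "action": "ALLOW"},
    _B + "/web/rules/r2": {"id": "r2", "action": "DROP"},
}

if __name__ == "__main__":
    # Against a real manager: export_dfw_rules(nsx_get(host, user, pw), "<domain-id>")
    print(json.dumps(export_dfw_rules(FAKE_RESPONSES.__getitem__, "default"), indent=2))
```

Committing the resulting JSON to a repository on a schedule also gives a reviewable diff of rule changes over time.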
The client is in charge of choosing its TCP source port, either completely dynamically, like you'll see with a browser, or a fixed port (or pool of ports) for something like DHCP for example. It appears that the client (the source in these logs) has set up multiple connections to the same host. It's hard to tell if this is normal in this specific instance, tcp/343 is not an IANA assigned port and I personally don't really recognize it.
You probably already did this, but have you verified the available disk space? It wouldn't really explain why the manual backup works, but it never hurts to check I guess.
Hello sir, I have a question about NSX backup. I configured an sftp server and it seems good, but I get an error when the autobackup is running. As you can see in the screenshot, the node backup is ok but the cluster backup has failed. But if I click the button (start backup), the node and cluster backups are always ok, so I think this isn't a problem of the sftp server. Could you give me advice on this issue? Regards
After upgrading from v3.2.2 to v4.1.2, I see lots of warnings about expired self-signed certs issued to internal services such as ar, ccp, mp, monitoring, cluster-manager, and idps-reporting. There are three warnings for each service, one for each node. Looks like they expired a year ago, but are just now throwing warnings. Are these legacy certs that aren't needed after the upgrade? Can they be safely deleted? NSX is working fine even with all the expired certs.
Hi, I have a question about logs in VMware Aria Operations for Logs. What does each field mean in these event logs? (Refer to the attached image file.) Are there any links or guides for reference?
Hi, when I checked vRealize Log Insight, I found that some logs have the same source ports and some logs have different source ports from each other. What's the difference between the following cases?

--------------------------------------------------------------------------------------
2023. 11. 6. 10:15:9.659 FIREWALL-PKTLOG: INET match PASS 9642 OUT 52 TCP 00.00.43.72/5614->00.00.145.11/343 S
2023. 11. 6. 10:15:9.106 FIREWALL-PKTLOG: INET match PASS 9642 OUT 52 TCP 00.00.43.72/5614->00.00.145.11/343 S
2023. 11. 6. 10:15:8.602 FIREWALL-PKTLOG: INET match PASS 9642 OUT 52 TCP 00.00.43.72/5614->00.00.145.11/343 S
2023. 11. 6. 10:15:42.055 FIREWALL-PKTLOG: INET TERM PASS 9642 OUT TCP RST 00.00.43.72/5616->00.00.145.11/343 1/1 52/40
2023. 11. 6. 10:15:33.077 FIREWALL-PKTLOG: INET TERM PASS 9642 OUT TCP RST 00.00.43.72/5615->00.00.145.11/343 1/1 52/40
2023. 11. 6. 10:15:32.065 FIREWALL-PKTLOG: INET TERM PASS 9642 OUT TCP RST 00.00.43.72/5614->00.00.145.11/343 1/1 52/40
2023. 11. 6. 10:15:32.065 FIREWALL-PKTLOG: INET TERM PASS 9642 OUT TCP RST 00.00.43.72/5613->00.00.145.11/343 1/1 52/40
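A way to group the log lines from this post by connection, as an added example that is not part of the original thread. Lines sharing source address, source port, destination address and destination port belong to one TCP flow; the regular expression and the function name `summarize` are assumptions written for the two line shapes shown here.

```python
import re
from collections import defaultdict

# Log lines copied from the post above (addresses as posted).
SAMPLE = """\
2023. 11. 6. 10:15:9.659 FIREWALL-PKTLOG: INET match PASS 9642 OUT 52 TCP 00.00.43.72/5614->00.00.145.11/343 S
2023. 11. 6. 10:15:9.106 FIREWALL-PKTLOG: INET match PASS 9642 OUT 52 TCP 00.00.43.72/5614->00.00.145.11/343 S
2023. 11. 6. 10:15:8.602 FIREWALL-PKTLOG: INET match PASS 9642 OUT 52 TCP 00.00.43.72/5614->00.00.145.11/343 S
2023. 11. 6. 10:15:42.055 FIREWALL-PKTLOG: INET TERM PASS 9642 OUT TCP RST 00.00.43.72/5616->00.00.145.11/343 1/1 52/40
2023. 11. 6. 10:15:33.077 FIREWALL-PKTLOG: INET TERM PASS 9642 OUT TCP RST 00.00.43.72/5615->00.00.145.11/343 1/1 52/40
2023. 11. 6. 10:15:32.065 FIREWALL-PKTLOG: INET TERM PASS 9642 OUT TCP RST 00.00.43.72/5614->00.00.145.11/343 1/1 52/40
2023. 11. 6. 10:15:32.065 FIREWALL-PKTLOG: INET TERM PASS 9642 OUT TCP RST 00.00.43.72/5613->00.00.145.11/343 1/1 52/40
"""

# Matches both shapes above: "match ... <n> TCP src->dst S" and "TERM ... TCP RST src->dst".
LINE = re.compile(
    r"FIREWALL-PKTLOG: INET (?P<event>match|TERM) (?P<action>\w+) (?P<rule>\d+) "
    r"(?P<dir>IN|OUT) (?:\d+ )?TCP (?:(?P<reason>[A-Z]+) )?"
    r"(?P<src>[\d.]+)/(?P<sport>\d+)->(?P<dst>[\d.]+)/(?P<dport>\d+)"
    r"(?: (?P<flags>[A-Z]+))?"
)

def summarize(text):
    """Per flow: how many SYN 'match' lines were logged and how the flow terminated."""
    flows = defaultdict(lambda: {"syn": 0, "term": None})
    for line in text.splitlines():
        m = LINE.search(line)
        if not m:
            continue  # not a TCP packet-log line in one of the two shapes
        key = (m["src"], int(m["sport"]), m["dst"], int(m["dport"]))
        if m["event"] == "match" and m["flags"] == "S":
            flows[key]["syn"] += 1
        elif m["event"] == "TERM":
            flows[key]["term"] = m["reason"]
    return dict(flows)

if __name__ == "__main__":
    for (src, sport, dst, dport), info in sorted(summarize(SAMPLE).items()):
        print(f"{src}:{sport} -> {dst}:{dport}  SYN lines={info['syn']}  term={info['term']}")
```

On these lines the three entries with source port 5614 collapse into one flow with three SYNs, while ports 5613, 5615 and 5616 are separate flows to the same destination, each ending in RST.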
Thanks for the reply Sreec. We wanted to see what multicast traffic, if any, was traversing the network. So, we initially did a search for IPs within the class D range in the Wireshark capture. Then later on, we noticed the 250.250.254.254 address. In regard to why the class E address is there, I am trying to determine what device/service is using this address as well. Does anything within the VMware environment use this address for heartbeat messages etc.? This class E address seems to continually be sending a broadcast. We've recently come into the position of managing and maintaining this network, so trying to put it together in my head.
Hello. We have an NSX-T environment in which we are trying to determine source of broadcast traffic from IP 250.250.254.254. The traffic is captured between two ESXi hosts that have NSX-T edge nodes installed. We have three edge nodes installed in a cluster. Looking at the attached screenshot, the traffic is traversing via a Geneve tunnel between the two NSX-T edge nodes. Could the traffic from 250.250.254.254 be a heartbeat message between the NSX-T edge nodes? Looking at the timestamps in the attached screenshot, there is quite a bit of traffic from 250.250.254.254. Thanks in advance for any comments and insight.