NouraNasri
Contributor
Contributor

network issues after installing vshield app

Hi,

i have install vshield app on a host, everything is ok! i have  tested blocking and opening flows, and it was fine..

but, when i create a new virtual machine, there are no network response!! with static ip adress or dhcp same problem Smiley Sad

please help

best regards,

0 Kudos
4 Replies
VictorY2000
Contributor
Contributor

In "Flow Monitoring" ->  Details  -> "Blocked Flows", do you see anything there?

0 Kudos
NouraNasri
Contributor
Contributor

Hi Victor,

no nothing on blocked flows!

and now other problem: when creating a new VM, i can't see it on vshield web interface with other VMs!!!

Smiley Sad

0 Kudos
amatt240
Enthusiast
Enthusiast

1. Is the VM "plugged" into the right vSwitch/network?

2. Can you add the VM to vShield App's exclusion list? (it gives you a list of VM's and you can pick it out).

3. is vShield App installed on just 1 host, or is it on hte entire cluster? vShield App should be deployed across a cluster and not onesy-twosy, and can cause issues. One issue is in 5.1.2a, and that is if you move a VM from a non-vshield App protected host, to a vshield app protected host, it will not allow the VM any networking until you add it to the exclusion list.

4. Check at higher levels if you enabled firewall rules at the datacenter/host/port group level. Remember vshield app is conceptually a firewall on every vNIC, so if you have a "deny" rule at the bottom of your firewall at the datacenter level, only VM's with exclusions will have any kind of communications. You can make port groups "independent" of the higher level rules (say in a multi-tenancy scenario), you have to go to the port group in the "networking" drop down in vCNS manager, then change the port group to be "independent namespace".

NouraNasri
Contributor
Contributor

i have restart the vshield app appliance of the host where my VM is, and it's OK! it receives an ip!

but i hope to don't have the same problem!

0 Kudos