Have you published the changes? I hope the new rule will be on top of the default one in the order list.
Thanks for taking time.
Yes, I have configured the custom rule well above the default rule and also published the changes, but it is matching the default rule.
I have gone through the KB article. Does it mean that we will not be able to control TCS traffic between VMs? If that is the case, micro-segmentation is not giving the expected outcome.
I would like to know your view on this.
How have you configured the rule? Are you using objects?
When firewall rules are created using objects, they have to be translated to IP addresses to actually be applied. Here VMTools plays an important part, and if it is not present you might see the behavior you mention. Take a look at this: NSX Distributed Firewall Deep Dive – Route to Cloud
It has lots of good info on how this works.
Please check if you have VMTools in the VMs that you are trying to create a rule for and try to change the rule to use IP addresses instead of objects and let us know the results.
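
The behavior discussed in this thread, as an added example that is not part of any post and is not NSX code: a simplified first-match model in which a rule written against VM objects only matches once each object has been translated to an IP address. The inventory, rule names, addresses and the allow-all default rule are all constructed assumptions.

```python
import ipaddress
from dataclasses import dataclass

# Constructed inventory: the IPs learned for each VM. In this model a VM
# without VMTools reports no address, so its object translates to nothing.
VM_IPS = {
    "web-01": ["10.0.1.10"],  # VMTools running, IP known
    "db-01": [],              # no VMTools, IP unknown
}

@dataclass
class Rule:
    name: str
    src: str     # VM object name, IP/CIDR literal, or "any"
    dst: str
    action: str

def resolve(term):
    """Translate a rule term into the networks that are actually enforced."""
    if term == "any":
        return [ipaddress.ip_network("0.0.0.0/0")]
    if term in VM_IPS:
        return [ipaddress.ip_network(ip) for ip in VM_IPS[term]]
    return [ipaddress.ip_network(term, strict=False)]

def matches(term, ip):
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in resolve(term))

def evaluate(rules, src_ip, dst_ip):
    """First-match evaluation, starting at the top of the rule list."""
    for rule in rules:
        if matches(rule.src, src_ip) and matches(rule.dst, dst_ip):
            return rule.name, rule.action
    raise LookupError("rule list has no default rule")

DEFAULT = Rule("default", "any", "any", "allow")  # assumed default action
object_rules = [Rule("block-web-to-db", "web-01", "db-01", "block"), DEFAULT]
ip_rules = [Rule("block-web-to-db", "10.0.1.10", "10.0.2.20", "block"), DEFAULT]

if __name__ == "__main__":
    # db-01 really uses 10.0.2.20, but its object cannot be translated to it,
    # so the custom rule is skipped and the default rule matches.
    print(evaluate(object_rules, "10.0.1.10", "10.0.2.20"))
    # The same rule written with IP addresses matches as intended.
    print(evaluate(ip_rules, "10.0.1.10", "10.0.2.20"))
```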