Has anyone else managed to get the HCX appliances to work with NSX-v installed with firewall rules? If I create firewall rules, traffic passes through them as per the documentation. I have assigned ST and SGs, but the gateway always drops, although the tunnels remain up. As soon as I add it to the exclusion list it all magically works. It even drops with any-any rules. I am wondering if it has something to do with the way the ST/SG are working, as several VMs have the same private IPs.
|-- icmp(success)
|-- ssl connection(success)
|-- ssl handshake(success)
|-- gateway status(fail): Peer site connectivity is down
|-- Appliance System Status: good
|-- Peer Site Connectivity: down
|-- WANOPT 192.0.2.2 Status: up
|-- Tunnel t_1 Status: up , rx 45555526, tx 172285995
|-- Tunnel t_0 Status: up , rx 95071447, tx 209591053
|-- Tunnel t_2 Status: up , rx 4385286, tx 101590618
|-- Tunnel te_0 Status: up , rx 147018366, tx 485469324