IMPORTANT NOTE
Subscribe to RSS Feed http://feeds.feedburner.com/NSX for an up-to-date information on new product, patches and fix announcements regarding VMware NSX for vSphere.
Minimum Recommended Release:
- NSX for vSphere 6.2.2 and vSphere 6.0 Update 2 remains the recommended release combination. For more information regarding new features and bug fixes on the latest release, see the NSX for vSphere 6.2.4 Release Notes.
- Note: vCenter Server 6.5 does not have a compatible NSX version at this time. For more information, see Recommended version for NSX for vSphere with GID, ESXi, and vCenter Server (2144295).
Top issues and What to Do:
VMware NSX for vSphere 6.2.4
Issue #1:
TLS v.1.0 has been deprecated in NSX for vSphere 6.2.4. This is the default on the NSX Edge which can break interoperability with back-end servers including VMware vRealize Automation. The Load Balancer must be configured with monitor extension value of ssl-version=10. For more information, see TLSv1 and SSLv3 support in NSX-V 6.2.4 (2147293).
Issue #2:
After upgrade to NSX for vSphere 6.2.4, service profile with PAN is deleted. PAN v7.1.0 requires “Service Profile Zone for NSX” checkbox to create service profile on NSX.
Note: For more information, contact Palo Alto Networks Support.
Key Points:
- NSX for vSphere 6.2.4 release has a list of applicable cipher list for any Load Balancer Service Application profile. For more information on the following list of ciphers that can be applied under Application Profiles, see Supported list of ciphers for loadbalancer service in NSX 6.2.4 (2147830).
- In an NSX for vSphere 6.2.4 environment where the NSX Edge is configured for HA with OSPF graceful restart configured and MD5 is used for authentication, OSPF fails to start gracefully. Adjacencies forms only after the dead timer expires on the OSPF neighbor nodes. For more information, see OSPF adjacencies are deleted with MD5 authentication after NSX Edge HA failover (2147787).
VMware NSX for vSphere 6.1.X, vSphere 6.2.X
Issue #1:
In an environment with multiple VMware vCenter Servers with multiple NSX managers, you experience this symptom:
- When selecting one or more NSX Manager from the vSphere Web Client > Networking and Security > Installation > Host Preparation, you see this error:
Could not establish communication with NSX Manager. Please contact administrator.
For more information if you are planning to upgrade only one NSX Manager in a vCenter Linked Mode environment, see Upgrading a single NSX Manager in a vCenter Linked Mode Environment (2127061).
Issue #2:
After upgrade of NSX for vSphere 6.1.x to 6.2.4, you see this symptom:
- NTLM authentication of an application through the NSX Load Balancer fails
For more information if you use the “No” option http-server-close application rule, contact VMware Support. For more information, see How to file a Support Request in My VMware (2006985) and NTLM authentication through the NSX Load Balancer fails after upgrade (2147496).
VMware NSX for vSphere 6.1.X
Issue #1:
Virtual machines lose network connectivity after vMotion under the following conditions:
- Distributed Firewall (DFW) is enabled in the environment and;
- NSX for vSphere setup upgraded from NSX-V 6.1.x release to NSX-V 6.2.3 releases and 6.2.4 release and virtual machines are later migrated between upgraded ESXi hosts.
- When a virtual machine is migrated from an upgraded host to a non-upgraded host.
For more information if you are upgrading from NSX for vSphere 6.1.x, see KB Article “Failed to restore PF state : Limit exceeded” error after NSX upgrade (2146171).
Comments