NSX Field Advisory – January 2017 Edition

Important Note

Subscribe to RSS Feed http://feeds.feedburner.com/NSX for up-to-date information on new products, patches, and fix announcements for VMware NSX for vSphere.

Minimum Recommended Release

NSX for vSphere 6.2.2 and vSphere 6.0 Update 2 remains the recommended release combination. For more information, see Minimum recommended version for NSX for vSphere with GID, ESXi and vCenter Server (2144295).

GA Announcement

VMware NSX for vSphere 6.2.5 is now available for download.

Fixed issues in NSX for vSphere 6.2.5

For additional information, see the Resolved Issues section of the NSX for vSphere 6.2.5 Release Notes.

Top issues and What to do

VMware NSX for vSphere 6.1.x

Issue #1:

As of June 9, 2016 with the release of NSX for vSphere 6.1.7, the EOGS date has been extended by 3 months, to January 15th, 2017 in support of all NSX for vSphere 6.1.x versions. This is to allow customers to have time to upgrade from NSX for vSphere 6.1.7, which contains an important security patch improving input validation of the system, to the latest 6.2.x release. For recommended upgrade paths, refer to the latest NSX for vSphere 6.2 Release Notes and the VMware Interoperability Matrix. For more information, see End of General Support: VMware NSX for vSphere 6.1.x (2144769).

Issue #2:

At the moment, NO versions of NSX for vSphere 6.x are compatible with vSphere 6.5. For an up-to-date information, see the VMware Interoperability Matrix. Also, see Update sequence for vSphere 6.5 and its compatible VMware products (2147289)

NSX for vSphere 6.2.4

Issue #1:

Symptom: High volume of MAC learning table updates with NSX L2 Bridge and LACP may lead to out of memory condition.

Workaround: Avoid setting a flow-based hashing algorithm on the physical switch when using LACP. Instead, pin MAC addresses to the same uplinks or change the policy to source-MAC. For more information, see Netcpa stops running on an ESXi host that runs a Bridging DLR VM (2147181).

Issue #2:

Symptom: Attempts to edit interfaces of vCNS or vShield 5.5.x Edges fails on NSX 6.1.5 and later releases.

Workaround: If you encounter this issue, file a support request with VMware Support and quote this Knowledge Base article ID (2148444) in the problem description. For more information, see:

Issue #3:

Symptom: NSX SSL-VPN clients fails to connect.


  1. Navigate to EDGE > Client configuration > Disable Auto reconnect.
  2. Disable the SSL VPN service.
  3. Enable the SSL VPN service. For more information, see NSX SSL-VPN clients fails to connect (2148389).

Note: Alternatively, do not use the Enable Auto reconnect option for SSL-VPN Clients.

Issue #4:

Symptom: When there are firewall rules defined in the Security Policies through Service Composer, the DFW rules order change unexpectedly when published.

Workaround: Synchronize the Firewall Config through the NSX Security Policy User Interface.

  1. Log in to the vCenter Server using the vSphere Web Client.
  2. Navigate to Networking and Security > Service Composer > Security Policies.
  3. Select the Actions
  4. Select Synchronize Firewall Config. The rules should be corrected in their original order.

Note: To avoid this issue, do not use the Filter in the NSX User Interface (UI) when publishing firewall rules. For more information, see DFW rules change order unexpectedly when published (2146471).


0 comments have been added so far

  1. Wow thanks for sharing this great information. Actually i was looking for the same information about VMware NSX, but i am not able to find the proper information and now my search is over here . Thanks once again for sharing . The way you explained each and everything in this article is really great.

Leave a Reply

Your email address will not be published.