Network connectivity issues when using virtual firewall appliances with Performance Cloud VMware (NSX-T)

Symptoms

Users are experiencing disconnections within their applications (remote desktop for example) or VPN connectivity issues on a regular basis when using a third-party virtual firewall in Performance Cloud VMware. Issue is not present when using the built-in VMware Edge Gateway service.

Possible Causes

  • Your virtual firewall manufacturer's appliance does not support the VMware vMotion feature.
  • You are not using an up-to-date version of the virtual appliance.
  • Make sure that the virtual hardware configuration follows the manufacturer's deployment instructions.

Description

Performance Cloud VMware is leveraging Distributed Resource Scheduler (DRS). This technology from VMware allows for optimal placement of your virtual servers within our infrastructure at any time and dynamically performs a migration (using VMware’s vMotion) of workloads from one physical server to the other when a host is experiencing peak load when compared to its peers within a cluster. When a virtual firewall, or any virtual network virtual appliance for that matter, does not support vMotion, it can crash your appliance or cause network issues. Similar symptoms can also happen when if using an out-of-date network appliance. 

Recommended troubleshooting steps

  • Consult Sherweb’s Network Status page to confirm there are no network-related issue
  • Confirm with your Internet Service Provider that there are no issue with your service
  • Place a support call with your network firewall vendor to confirm that it is not a known issue with your current version of the appliance or your configuration, and that vMotion is supported.