The following list contains features or actions that are currently not supported:
- Cisco ASA redundant interfaces are not included in Port Channel Member Mismatch intent check as the redundant interface to member interface mapping is not supported in vRealize Network Insight.
- If you sort firewall rules using Comment filter and if that rule comment contains double quote (''''), then you see Invalid query format in "Firewall Rule Comment is set" as double quote ('''') in a firewall rule comment is not supported in vRealize Network Insight.
- In the Network Map, when you search for Path that involves Cisco ASA BVI interfaces, you see an incomplete path as Cisco ASA BVI interfaces are not supported in Network Map.
- vRealize Network Insight currently shows only first 25 alerts per intent.
- The following intents are not supported for ASR1K:
- STP Path Cost Method Inconsistency
- HSRP/VRRP Master And STP Root Co-location
- Data collection does not collect the inventory from Kubernetes clusters managed by Tanzu Kubernetes Grid Integrated Edition when the last action is in failed state.
- Deactivate the Tanzu Kubernetes Grid Integrated Edition data source in vRealize Network Insight while upgrading the Tanzu Kubernetes Grid Integrated Edition and re-enable it after the upgrade is successful.
- NSX-T Federation behavior with Advanced license:
NSX-T Federation is not supported with advanced license. Hence, vRealize Network Insight continues to treat NSX-T federated objects as local objects and due to this, you may see the following behavior:
- As stretched networking is not supported, duplicate flows can be displayed.
- VM-VM path does not consider stretched entities and an unknown path message is displayed when VMs are across sites.
- If the networking for the VMs within the site is managed by the VMware NSX-T Federation Local manager (LMs), it works as expected.
- If the networking for a site is managed by the VMware NSX-T Federation Global Managers (GMs) (like the Layer 2 network created by GM for a specific site), then even within site VM-VM path does not work.
- Global entities cannot be searched.
- You can see a reference to a global entity in some other Policy entities. If you click this entity, a Feature Not Supported message is displayed.
- GMs can not be added as a data source in vRealize Network Insight. All the VMware NSX-T Federation related data is fetched from the LMs.
- NSX-T Federation behavior for an advance license user upgrading from an earlier version of vRealize Network Insight to advance license version 6.4 and above:
- The global entities that were searchable before the upgrade, will not be searchable after the upgrade.
- After the upgrade, site tagged flows are deleted after a certain duration of time and duplicate flows can appear.
- Some entities can have stale references to the Global Entities, for example, policy groups can have references to global groups, or local firewall rules can have references to the global firewall rules. Clicking these references displays a standard not supported by license message.
-
In the Network Map, path search does not work if VMware NSX Edge VM is connected to NVDS.
-
For devices that do not support CDP and LLDP protocols, Port Channel Member Mismatch intent does not generate alerts if:
- Neighbor devices with inconsistent port-channel configuration make one or more member ports inactive
- There is no ARP table entry pointing to an interface that is not a member of any port-channel, but its neighbor is member of a port-channel
-
The Port Mode Mismatch intent might generate false positive alerts for Cisco ASA devices if VLAN sub-interfaces are configured at port channels.
-
If Panorama fails to commit configuration changes to a Palo Alto gateway, vRealize Network Insight continues to use the latest configuration present in Panorama, which may not be in sync with the policies enforced by the Palo Alto gateway.
-
The paths via tunnels if the ECMP (Equal Cost Multi Path routing) is enabled, may overlap with each other.
-
Some complex VM-VM paths in a VMware NSX-T Federation setup may exhibit cross-lines. Use the path labels to understand the path topologies for such paths.
-
Firewall masking event does not work for the Global firewall rule and the Applied To field is missing for Global Gateway Firewall Rules.
-
ServiceNow changed the data-modelling and storing of data for the applications discovered by the Service Mapping plugin with the Discoverable by Service Mapping configuration option. This change is not supported in vRealize Network Insight for ServiceNow based application discovery. vRealize Network Insight still supports applications discovered by Service Mapping with the Manual Endpoint configuration option.
-
Global Rules spanning across site do not show up in VM-VM path.
-
Invalid credentials error can occur on the VMware NSX-T data source if the VMware NSX-T added to vRealize Network Insight is upgraded.
Workaround: Re-enter the credentials.
-
When HSRP/VRRP interfaces at two devices are configured with the same matching Virtual IP address but have the protocol Group ID misconfigured, the HSRP/VRRP Configuration Error intent misclassifies that as "2 Active Master interfaces", instead of classifying it as 'Master interface doesn't know Standby'.
-
You cannot edit the SD-WAN Edge Uplink Utilization intents if you have set the is outside range threshold condition under the exception category.
Workaround: Re-enter the same values for is outside range condition.
-
When the content of an open alert changes, vRealize Network Insight does not show the new value in the alert details.
-
In the Network Map, the entity details window of the distributed switches does not show alerts that are originated from intents.
-
You cannot see the unprotected flows for the Kubernetes service in the Micro-Segmentation Planning page.
- With the release of vSphere 7.x, some vRealize Network Insight features stop to work in 6.x versions due to vSphere Tanzu. For more information, see the KB article 78492.