The issue occurs in environments using the IP range 169.0.0.0 - 169.255.255.255. This happens because the DSM’s heartbeat port, which is 4120 by default, filters communication to and from 169.xxx.xxx.xxx during the sync operation with vCenter. This is done to differentiate traffic for the VMKernel NIC IP, which uses 169.254.xxx.xxx.

To resolve the issue, change the scheme used by DSM to communicate with the DSVA servers and virtual machines. Follow these steps to change the default communication scheme from "1" for IP address to "0" for hostname.

1. On the DSM server, open the Windows command prompt using elevated privileges.
2. Go to the DSM program directory. For example: C:\Program Files\Trend Micro\Deep Security Manager.

3. Run the following commands:

    

   These commands will restart the DSM services.

   • For DSVA servers:

     dsm_c -action changesetting -name configuration.connectionSchemeDSVA -value 0

     Sample result:

     C:\Program Files\Trend Micro\Deep Security Manager>dsm_c -action changesetting -name configuration.connectionSchemeDSVA -value 0
     Stopping Trend Micro Deep Security Manager...
     Setting: configuration.connectionSchemeDSVA saved.
     Starting Trend Micro Deep Security Manager...
     Complete

   • For virtual machines:

     dsm_c -action changesetting -name configuration.connectionSchemeVM -value 0

     Sample result:

     C:\Program Files\Trend Micro\Deep Security Manager>dsm_c -action changesetting -name configuration.connectionSchemeVM -value 0
     Stopping Trend Micro Deep Security Manager...
     Setting: configuration.connectionSchemeVM saved.
     Starting Trend Micro Deep Security Manager...
     Complete

The DSM will now use hostname as the communication scheme.