Summary
After installing DSVA and activating Agentless IPS protection, you noticed that all traffic is being blocked.
Details
One possible cause of blocked traffic is two missing parameters in the DSVA VMX file:
- Name: ethernet2.filter0.name
Value: dvfilter-faulter
- Name: ethernet2.filter0.param0
Value: dvfilter-dsa
Parameters in the VMX file are not added when the DSVA is deployed through vCenter instead of the Deep Security Manager (DSM). It is not recommended to deploy DSVA using methods other than the DSM, unless approved by Trend Micro.
To resolve the issue, check if your VMX file is missing these parameters, and then do one of the following:
- If the parameters are missing, we recommend redeploying the DSVA via the DSM. If redeploying is not an option, only then should you configure the missing parameters using the procedure in this KB article: Correcting packet issues in Deep Security Virtual Appliance (DSVA).
- If there is no missing parameter, contact Trend Micro Technical Support.