VMware NSX —Invalid Applied to Value
What if you’re trying to perform a publish operation in the VMware NSX distributed firewall and you get the error “Invalid Applied to…
What if you’re trying to perform a publish operation in the VMware NSX distributed firewall and you get the error “Invalid Applied to Value at index 5, rule type LAYER3”?
I recently experienced this error when trying to publish rules after we did an upgrade from NSX 6.3.5 to NSX 6.4.4. Its caused by a rule where you have applied both the Distributed Firewall and a Logical Switch. A UI bug in NSX 6.3.5 (and probably others) allowed you to deselect the checkbox for “Apply this rule on all clusters on which Distributed Firewall is installed”, select an object other than an ESG such as a Logical Switch, and then check the box again. In NSX 6.4.4 when you try to check the box you get the warning below that says all objects except Edge Gateways will be removed.
The index number corresponds to the rule in the specific section you are trying to publish counting from top to bottom. So even though the rule ID could be 100, if its the first rule in your section then its index 1, if its the fifth rule in your section then its index 5.
The solution is to either remove the Distributed Firewall from your Applied To column or the logical switch / other object that is conflicting.