I'm running vCNS v5.5.0a with a load of vShield App firewall rules set up. When I check the syslogs for traffic matching the default any<>any rule, there are packets that matched rules and never should have reached the default rule. The source and dest IP address, and dest port definitely match other rules so I can't see why the rule higher up the list didn't catch the packets.
It's happening for various ports, e.g. DNS, Active Directory LDAP/Kerberos and the odd application. Anyone know why this is going on?
Thanks for any help.