diff --git a/src/SdnDiagnostics.psd1 b/src/SdnDiagnostics.psd1
index c0418323..be00272a 100644
--- a/src/SdnDiagnostics.psd1
+++ b/src/SdnDiagnostics.psd1
@@ -173,6 +173,7 @@
         'Test-SdnNonSelfSignedCertificateInTrustedRootStore',
         'Test-SdnClusterServiceState',
         'Test-SdnServiceState',
+        'Test-SdnVfpEnabledVMSwitch',
         'Test-SdnVfpPortTuple'
     )
 
diff --git a/src/modules/SdnDiag.Health.Config.psd1 b/src/modules/SdnDiag.Health.Config.psd1
index 186ca81b..d2b12e4c 100644
--- a/src/modules/SdnDiag.Health.Config.psd1
+++ b/src/modules/SdnDiag.Health.Config.psd1
@@ -98,6 +98,11 @@
             Impact = "Policy configuration failures may be reported by Network Controller when applying policies to the Hyper-v host. In addition, network traffic may be impacted."
             PublicDocUrl = ""
         }
+        'Test-SdnVfpEnabledVMSwitch'= @{
+            Description = "Multiple VFP enabled virtual switches detected on the Hyper-V host(s)."
+            Impact = "Policy configuration failures may be reported by Network Controller when applying policies to the Hyper-v host."
+            PublicDocUrl = ""
+        }
         'Test-VMNetAdapterDuplicateMacAddress' = @{
             Description = "Duplicate MAC address detected with the data plane on the Hyper-V host(s)."
             Impact = "Policy configuration failures may be reported by Network Controller when applying policies to the Hyper-v host. In addition, network traffic may be impacted for the interfaces that are duplicated."
diff --git a/src/modules/SdnDiag.Health.psm1 b/src/modules/SdnDiag.Health.psm1
index d05cc79f..64c27d7e 100644
--- a/src/modules/SdnDiag.Health.psm1
+++ b/src/modules/SdnDiag.Health.psm1
@@ -1593,6 +1593,7 @@ function Debug-SdnServer {
             Test-SdnServiceState -ServiceName $services
             Test-SdnProviderNetwork
             Test-SdnHostAgentConnectionStateToApiService
+            Test-SdnVfpEnabledVMSwitch
         )
 
         # enumerate all the tests performed so we can determine if any completed with WARN or FAIL
@@ -2373,6 +2374,43 @@ function Test-SdnHostAgentConnectionStateToApiService {
     return $sdnHealthTest
 }
 
+function Test-SdnVfpEnabledVMSwitch {
+    <#
+        .SYNOPSIS
+            Enumerates the VMSwitches on the system and validates that only one VMSwitch is configured with VFP.
+    #>
+
+    [CmdletBinding()]
+    param()
+
+    Confirm-IsServer
+    $sdnHealthTest = New-SdnHealthTest
+
+    try {
+        # enumerate the VMSwitches on the system and validate that only one VMSwitch is configured with VFP
+        $vmSwitches = Get-VMSwitch
+
+        $i = 0
+        foreach ($vmSwitch in $vmSwitches) {
+            $vfpExtension = $vmSwitch.Extensions | Where-Object { $_.Name -eq 'Microsoft Azure VFP Switch Extension' }
+            if ($vfpExtension.Enabled -eq $true) {
+                $i++
+            }
+        }
+
+        # if there is more than one VMSwitch configured with VFP, this is a failure
+        if ($i -gt 1) {
+            $sdnHealthTest.Result = 'FAIL'
+        }
+    }
+    catch {
+        $_ | Trace-Exception
+        $sdnHealthTest.Result = 'FAIL'
+    }
+
+    return $sdnHealthTest
+}
+
 ###################################
 ###### NC HEALTH VALIDATIONS ######
 ###################################