Verify that SNAT and DNAT rules are working correctly.
Procedure
- Log in the NSX Edge.
- Run get logical-routers to determine the VRF number for the tier-0 services router.
- Enter the tier-0 services router context by running the vrf <number> command.
- Run the get route command and make sure that the tier-1 NAT address appears.
nsx-edge(tier0_sr)> get route
Flags: c - connected, s - static, b - BGP, ns - nsx_static
nc - nsx_connected, rl - router_link, t0n: Tier0-NAT, t1n: Tier1-NAT
Total number of routes: 8
t1n 80.80.80.1/32 [3/3] via 169.0.0.1
...
- If your Web VM is set up to serve Web pages, make sure you can open a Web page at http://80.80.80.1.
- Make sure that the tier-0 router's upstream neighbor in the physical architecture can ping 80.80.80.1.
- While the ping is still running, check the stats column for the DNAT rule.
There should be one active session.