Verify that SNAT and DNAT rules are working correctly.

Procedure

  1. Log in the NSX Edge.
  2. Run get logical-routers to determine the VRF number for the tier-0 services router.
  3. Enter the tier-0 services router context by running the vrf <number> command.
  4. Run the get route command and make sure that the tier-1 NAT address appears. 
    nsx-edge(tier0_sr)> get route

Flags: c - connected, s - static, b - BGP, ns - nsx_static
nc - nsx_connected, rl - router_link, t0n: Tier0-NAT, t1n: Tier1-NAT

Total number of routes: 8

t1n  80.80.80.1/32        [3/3]         via 169.0.0.1
...
  5. If your Web VM is set up to serve Web pages, make sure you can open a Web page at http://80.80.80.1.
  6. Make sure that the tier-0 router's upstream neighbor in the physical architecture can ping 80.80.80.1.
  7. While the ping is still running, check the stats column for the DNAT rule.

    There should be one active session.