1 Reply Latest reply on May 7, 2020 6:12 AM by Chris Mentjox

    NAT Rules on Tier 1 Gateway in NSX-T 3.0

    lukasbe12 Lurker

      Hello

       

      I’m testing NSX-T 3.0. As I understand, i can assign an uplink to a Tier-0 router to the physical environment, but then, for example, i can create the NAT rules on the linked Tier-1 router. I can assign a segment to the Tier-1 gateway and create the NAT rules on the Tier-0 gateway , which then work . However, if I want to create the rules on the Tier 1 gateway, they will not work. I also noticed that in the HOL LAB environment with NSX-T 2.5, when creating a NAT rule on the Tier-1 router under “ Apply to ”, the Tier-0 Interface is displayed. However, when I install it in NSX-T 3.0, I cannot see the Interface in Tier-1 Nat Rules. I have already deleted all gateways (Tier-1 and Tier-0) in the HOL Lab and created them as in my environment, the interface is always displayed, but not in my environment.

       

      As it should be in the VMware HOL Lab with NSX-T 2.5:

      Interface on the Tier-0 gateway:

      nsx-1.png

      In the Tier-1 NAT rules under “ Apply To ” I can find the interface (this is missing in my NSX-T 3.0 installation):

      nsx-2.png

      nsx-3.png

      When I create NAT rules on the Tier-1 Gateway, which also work, I can see the interface on Tier-0 NAT Rules:
      nsx-4.png

      But not on the Tier 1 Gateway (Tier 1 Gateway is linked to Tier 0 Gateway & NAT Rues i defined on Tier-0 works to VMs on the Tier-1 Gateway):
      nsx-5.png

       

      My route advertisement settings on the Tier-1 (although I can also remove all settings in the HOL LAB environment and the interface is still displayed on the Tier-1 router):
      nsx-6.png

      And on Tier 0 (Again, however, I can remove everything in the HOL LAB and the interface is still displayed (Clearly the rules then no longer work):

      nsx-7.png

      Does anyone have an idea why when I create NAT rules on the Tier-1 gateway, the interface from Tier-0 is not displayed? I Think this is the Problem, that the NAT Rules on the Tier-1 Router not working.