Assist in troubleshooting Service Insertion issues.

Symptoms:

• **Note** Symptoms below can also occur with any of the service insertion partners.  Not just Palo Alto.  Palo used as example below.  See VMware Compatibility Guide for other Partner implementations that can be affected.
  • dfwpktlogs.log don't show any traffic being forwarded/fwd to the Palo Alto/Panorama environment.
  • Packet captures show no traffic flowing to the Palo Alto/Panorama environment.

Fixes in NSX-T Versions 3.1.1.0, 3.2.0.0, 2.5.3.0, 3.0.3.0.

Workaround:

1. Review for gvm extra config by running api call GET /nsxapi/api/v1/logical-switches
   1. Find the ID of the logical switch
   2. Then run: GET /nsxapi/api/v1/logical-switches/<id of logical switch>
2. Review for com.vmware.port.extraConfig.serviceInsertion.gvm extra config.
3. If the com.vmware.port.extraConfig.serviceInsertion.gvm extra config is not in the xml output for the logical switch service insertion is tied to, delete and rebuild the logical switch/segment.