While the gateway is reachable via ping from external sources, all virtual machines (VMs) connected to the VLAN-backed segment with the associated port group are unreachable and unable to communicate with the gateway.

• VMware NSX 4.2.X

• VMware vCenter 8.0 X

• VMware ESXi 8.0 X

The underlying issue occurs because the virtual switch on the Edge Nodes is missing the required Transport Zone. Without the correct Transport Zone assigned to the appropriate virtual switch, the Edge Node is prevented from processing traffic for the VLAN-backed segment via the Service Interface.

To resolve this issue, you must assign the missing Transport Zone to the edge configuration:

1. Log in to the NSX UI and navigate to System > Nodes > Edge Transport Nodes.

2. Verify your Edge switch configuration by reviewing the Edge Node settings. You must ensure all required virtual switches are associated with the correct Overlay or VLAN Transport Zones.

3. Edit the affected Edge Nodes and assign the correct Transport Zone to the virtual switch configuration.

4. Verify that the VMs are now able to successfully ping through the Edge using the Service Interface as the gateway.

5. (Optional) To thoroughly validate the traffic flow, perform a packet capture on the Edge Node to confirm that bidirectional traffic (Request/Reply) is now properly traversing the Service Interface.

• Expected Outcome: Once configured, all VMs on the affected VLAN-backed segment will be able to ping the gateway, and the Edge will correctly handle the Service Interface traffic.

• Support case references have been intentionally excluded from this article to comply with internal security and data sanitization best practices.