When attempting to remove an NSX VPC Connectivity Profile, External IP Block, or IP Address Block, the operation fails because the object is still reported as being in use.

The error may appear similar to:

• VPC Connectivity Profile cannot be removed as it is being referenced by other objects.
• IpAddressBlock cannot be deleted as it is being referenced by other objects.

The referenced object path may include:

• /orgs/default/projects/default/vpcs/<VPC_NAME>/ip-address-allocations/_DEFAULT-SNAT_TRANSLATED

VMware NSX 9.x
VMware Cloud Foundation 9.x

The IP Address Block is still being consumed by the VPC Connectivity Profile’s Default Outbound NAT configuration.

When Default Outbound NAT is enabled on a VPC Connectivity Profile, NSX allocates translated SNAT IPs from the configured external IP block. These internal SNAT allocations are tracked under the VPC.

Because the IP Address Block is still referenced by the VPC default SNAT allocation, NSX prevents the IP Address Block or VPC Connectivity Profile reference from being removed.

This can occur even after all manually assigned VM External IPs have been removed.

Disable Default Outbound NAT on the affected VPC Connectivity Profile, then retry the removal.

*NOTE - This could temporarily impact ALL IP Address Blocks attached to profile being edited, if in use during this operation. 

1. Log in to the NSX Manager UI.
2. Navigate to:
   • VPCs > Profiles
3. Select the affected VPC Connectivity Profile.
4. Edit the profile.
5. Toggle Default Outbound NAT to Off.
6. Save the profile.
7. Wait for the profile realization status to show successful.
8. Retry removing the IP Address Block or removing the block from the VPC Connectivity Profile.

After Default Outbound NAT is disabled and saved, the internal _DEFAULT-SNAT_TRANSLATED allocation should be cleared, allowing the IP Address Block to be removed successfully.

Add a VPC Connectivity Profile

Firewall Policies in an NSX VPC