WilliamLam.com

  • About
    • About
    • Privacy
  • VMware Cloud Foundation
  • VKS
  • Homelab
    • Resources
    • Nested Virtualization
  • VMware Nostalgia
  • Apple
You are here: Home / Automation / Connecting to NSX-T Policy API using NSX-T Private IP in VMC

Connecting to NSX-T Policy API using NSX-T Private IP in VMC

05.30.2019 by William Lam // 3 Comments

As explained in my Getting started with NSX-T Policy API in VMware Cloud on AWS (VMC) article, there are two ways in which you can interact with the NSX-T Policy API in VMC. The initial method is with the NSX-T Reverse Proxy which designed for initial setup including Edge Firewall and connectivity configuration (VPN/Direct Connect). Once you have enabled remote access from your network to the SDDC, you can continue using the reverse proxy method or you can connect directly to the NSX-T Manager via its private IP Address.


So how do you actually connect to the NSX-T Manager using its private IP? To be honest, this was not something I had to do before as I really like the simplicity of the reverse proxy but since this came up today in one of our VMC Slack channels, I figured I take a closer look.

Before you begin, make sure you have either a VPN and/or Direct Connect configured from your on-premises environment to the SDDC and that the Edge Firewall has been configured to allow you to communicate to NSX-T instance in VMC.

Step 1 - Obtain the NSX-T Manager private IP Address by selecting the SDDC and clicking on the "Support" tab.

Step 2 - To authenticate to the NSX-T Manager, you will need to obtain a CSP Access Token given a CSP Refresh Token and is this is provided to NSX-T as a Bearer Token.

Step 3 - Perform the NSX-T Policy API request given Step 1 and Step 2.

Here is an example using Postman to list all NSX-T Segments. The operation will be a GET and the URL in my example is https://10.3.192.3/policy/api/v1/infra/tier-1s/cgw/segmentsThe Authorization will be of type Bearer Token and paste the Access Token into the Token field. Lastly, make sure you have Content-Type header to application/json. Click on the "Send" button to perform the operation and if successful, you should see the list of NSX-T Segments.


In addition, I have also create a cURL example with the following sample script called list_vmc_nsxt_network_segments_using_nsxt_private_ip.sh which requires both CSP Refresh Token and NSX-T Manager private IP Address.

Here is an example of running the shell script:

More from my site

  • How to retrieve the NSX-T Overview Info (SDDC Public IP, Appliance & Infra Subnet, etc.) in VMC?
  • Using NSX-T Policy API to retrieve the Routing Table in VMC
  • NSX-T Policy API Explorer, Docs and Sample Updates for VMC
  • NSX-T Opaque Networks now supported with Cross vCenter Workload Migration Fling
  • Which NSX-T Policy APIs are used in the NSX-T UI in VMC?

Categories // Automation, NSX, VMware Cloud on AWS Tags // NSX-T, Policy Manager API, VMC, VMware Cloud on AWS

Comments

  1. *protectedGeek squad support says

    06/11/2019 at 11:38 pm

    Very informative article.every blog in this website is just awesome.it exactly help me to find the content i m looking for

    Reply
  2. *protectedGeek squad says

    11/25/2019 at 1:16 am

    this blog is very good for all those want to know NSX-T policy very relevant information thanks for this good post keep us updated with latest knowledgeable posts

    Reply
  3. *protectedMcafee Activate says

    01/23/2020 at 2:22 am

    Thanks for the post and great tips! I found your website perfect for my needs. It contains wonderful and helpful posts.

    Reply

Thanks for the comment!Cancel reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Search

Thank Author

Author

William is Distinguished Platform Engineering Architect in the VMware Cloud Foundation (VCF) Division at Broadcom. His primary focus is helping customers and partners build, run and operate a modern Private Cloud using the VMware Cloud Foundation (VCF) platform.

Connect

  • Bluesky
  • Email
  • GitHub
  • LinkedIn
  • Mastodon
  • Reddit
  • RSS
  • Twitter
  • Vimeo

Recent

  • VMware Flings is now available in Free Downloads of Broadcom Support Portal (BSP) 05/19/2025
  • VMUG Connect 2025 - Minimal VMware Cloud Foundation (VCF) 5.x in a Box  05/15/2025
  • Programmatically accessing the Broadcom Compatibility Guide (BCG) 05/06/2025
  • Quick Tip - Validating Broadcom Download Token  05/01/2025
  • Supported chipsets for the USB Network Native Driver for ESXi Fling 04/23/2025

Advertisment

Privacy & Cookies: This site uses cookies. By continuing to use this website, you agree to their use.
To find out more, including how to control cookies, see here: Cookie Policy

Copyright WilliamLam.com © 2025

 

Loading Comments...