Hi,
Can you try the below..
Replace <YOUR_VIA_CLIENT_IP> with the IP address of the VIA client you are checking and <YOUR_INSIDE_IP> with the IP address you are testing from...
show datapath session table <YOUR_VIA_CLIENT_IP>
show datapath session table <YOUR_VIA_CLIENT_IP> | include D
show datapath session table <YOUR_VIA_CLIENT_IP> | include <YOUR_INSIDE_IP>
Also, check the role that the VIA users are taking
show rights <VIA_USERS_ROLE>