Internet is unreachable from Hyper-V VMs through custom NAT

Question

I'm trying to set up a NAT on Windows 10 to provide Hyper-V VMs with access to both Internet and Cisco AnyConnect VPN configured on the host machine. In accordance with this manual I executed the following PowerShell script:

New-VMSwitch -SwitchName 'VM NAT switch' -SwitchType Internal  
New-NetIPAddress -IPAddress '192.168.2.1' -PrefixLength 24 -InterfaceAlias 'vEthernet (VM NAT switch)'  
New-NetNat -Name 'VM NAT' -InternalIPInterfaceAddressPrefix '192.168.2.0/24'  

The script was successfully completed and VM NAT Switch was assigned to a VM. But the IP address the VM was provided with at startup was 169.254.x.x, not 192.168.2.x. Then I tried to configure network connection in the VM manually as 192.168.2.2/24, default gateway 192.168.2.1. The settings was accepted, but the network was still unreachable:

I can ping the default gateway from the VM, though.

In the same time the network is reachable when Hyper-V Default Switch is used instead of my custom vSwitch. But I need to forward some ports through the NAT and I don't know how to do that with Default Switch.

What have I missed in the NAT configuration?