Advanced Networking Services Guide

Table Of Contents

Procedure

1 Log in to vCloud Air and navigate to the vCloud Edge Gateway Services UI.

See “Log In and Navigate to Advanced Networking Services,” on page 9 for information.

2 Click the Routing tab and IPSEC VPN.

3 Next to Global configuration status, click Change.

The Global Configuration dialog box appears.

4 Type a global pre-shared key for those sites whose peer endpoint is set to any and select Display

shared key to display the key.

5 In the Extension text box, type one of the following options:

securelocaltrafficbyip=IPAddress to re-direct the edge gateway local traffic over the IPsec VPN

tunnel. This is the default value.

passthroughSubnets=PeerSubnetIPAddress to support overlapping subnets.

6 Select Enable certificate authentication and select the appropriate certificate.

7 Click OK.

What to do next

Configure the IPsec VPN connection to the remote site. See “Set up an IPsec VPN Connection to a Remote

Site,” on page 63.

Set up an IPsec VPN Connection to a Remote Site

This procedure provides the steps to create an IPsec VPN connection between vCloud Air and a remote site.

In this procedure, you configure the vCloud Air side of the connection.

For an explanation of each part of an IPsec VPN connection, such as peer networks, local endpoints, peer

IDs, peer IPs, and local IDs, see About Setting up an IPsec VPN Connection in the vCloud Air Networking

Guide.

Procedure

1 Log in to vCloud Air and navigate to the vCloud Edge Gateway Services UI. See “Log In and Navigate

to Advanced Networking Services,” on page 9 for information.

2 Click the Routing tab and IPSEC VPN.

Click the Add (

) icon.

The Add IPsec VPN dialog box appears.

Chapter 6 Secure Access Using Virtual Private Networks

VMware, Inc. 63