Advanced Networking Services Guide
Table Of Contents
- vCloud Air Advanced Networking Services Guide
- Contents
- Preface
- Introducing Advanced Networking Services for vCloud Air
- Advanced Routing for vCloud Air
- Certificate and Security Group Management
- Network Security and Isolation
- Load Balancing
- Secure Access Using Virtual Private Networks
- IP Service Management: NAT and DHCP
- Index
Option Description
Pre-Shared Key
If you selected PSK as the authentication type, type an alphanumeric string
between 32 and 128 characters, which includes at least one uppercase
letter, one lowercase letter, and one number.
Indicates that the secret key shared between vCloud Air and the peer site
is to be used for authentication.
NOTE The shared key must match the key that is configured on the remote
site VPN device.
IMPORTANT VMware recommends that you configure a shared key when
anonymous sites will connect to the VPN service.
Display shared key
(Optional) Select to display the shared key on the peer site.
Diffie-Hellman Group
If you selected PSK as the authentication type, select the cryptography
scheme that will allow the peer site and the edge gateway in vCloud Air to
establish a shared secret over an insecure communications channel.
NOTE The Diffie-Hellman Group must match what is configured on the
remote site VPN device.
Extension
(Optional) Type one of the following options:
n
securelocaltrafficbyip=IPAddress to re-direct the edge gateway
local traffic over the IPsec VPN tunnel. This is the default value.
n
passthroughSubnets=PeerSubnetIPAddress to support overlapping
subnets.
5 Click OK.
The VPN configuration appears in the table.
What to do next
You must configure the IPsec VPN connection from both sides of the connection—vCloud Air and your on-
premises facility. This procedure details how to configure the connection for vCloud Air. Configure the
connection for your on-premises facility.
Chapter 6 Secure Access Using Virtual Private Networks
VMware, Inc. 65