Networking Guide
Table Of Contents
- VMware vCloud Air Networking Guide
- Contents
- About this Networking Guide
- Overview of Gateways and Networks
- About Managing Gateways and Networks
- Network Security and Secure Access
- Network Connectivity for Virtual Machines
- Direct Connect for vCloud Air
- Features of Direct Connect
- Reasons to Order Direct Connect
- Direct Connect Service Overview
- Direct Connect with Cross Connect
- Direct Connect for Network Exchange
- Direct Connect Use Cases
- About the Ordering and Provisioning Workflow
- Work with Your Provider to Set up Connection
- Order Direct Connect to vCloud Air
- Work with VMware to Complete Order
- View Direct Connect in vCloud Air
- Route Traffic Through Direct Connect
- Index
Option / Description

Source
  Choose an option from the drop-down menu:
  - Any: allows traffic from any source on the external network to reach the virtual machines.
  - Internal: apply this rule to all internal traffic.
  - External: apply this rule to all external traffic.
  - Specific CIDR, IP, or IP Range: type the CIDR notation of traffic to apply this rule on.

Source Port
  (Optional) Enter a port or port range to allow traffic from those ports to reach your virtual machines on your internal network.

Destination
  Choose an option from the drop-down menu:
  - Any: allows traffic from any virtual machine on your internal network to access the external network.
  - Internal: apply this rule to all internal traffic.
  - External: apply this rule to all external traffic.
  - Specific CIDR, IP, or IP Range: type the CIDR notation of traffic to apply this rule on.

Destination Port
  (Optional) Enter a port or port range to allow traffic from those ports on your virtual machines to reach the external network.
6. Click Save.
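The following added example, which is not part of the VMware guide, models the four rule fields described above to check which traffic a rule covers and to flag rules open to Any or External sources with no destination port limit. The first-last IP range syntax, treating a blank port as any port, the dictionary keys, and all sample addresses are assumptions made for the example.

```python
import ipaddress

INTERNAL = ["192.168.109.0/24"]  # constructed: the gateway's internal network

def addr_matcher(spec, internal_nets):
    """Turn a Source/Destination value into a predicate over ip_address objects."""
    nets = [ipaddress.ip_network(n) for n in internal_nets]
    inside = lambda ip: any(ip in n for n in nets)
    key = spec.strip().lower()
    if key == "any":
        return lambda ip: True
    if key == "internal":
        return inside
    if key == "external":
        return lambda ip: not inside(ip)
    if "-" in key:  # assumed range syntax: first-last
        lo, hi = (ipaddress.ip_address(p.strip()) for p in key.split("-", 1))
        if lo > hi:
            raise ValueError(f"reversed IP range: {spec}")
        return lambda ip: lo <= ip <= hi
    # strict=True rejects host bits set under the mask (e.g. 10.0.0.5/24)
    net = ipaddress.ip_network(key, strict=True)
    return lambda ip: ip in net

def port_matcher(spec):
    """Blank (the field is optional) is treated as 'any port': an assumption."""
    if not spec or not spec.strip():
        return lambda port: True
    lo, _, hi = spec.strip().partition("-")
    lo, hi = int(lo), int(hi or lo)
    if not 1 <= lo <= hi <= 65535:
        raise ValueError(f"bad port or port range: {spec}")
    return lambda port: lo <= port <= hi

def rule_matches(rule, pkt, internal_nets=INTERNAL):
    ip = ipaddress.ip_address
    return (addr_matcher(rule["source"], internal_nets)(ip(pkt["src"]))
            and port_matcher(rule.get("source_port"))(pkt["sport"])
            and addr_matcher(rule["destination"], internal_nets)(ip(pkt["dst"]))
            and port_matcher(rule.get("destination_port"))(pkt["dport"]))

def overly_broad(rules):
    """Names of rules open to Any/External sources with no destination port limit."""
    return [r["name"] for r in rules
            if r["source"].strip().lower() in ("any", "external")
            and not (r.get("destination_port") or "").strip()]

RULES = [  # constructed sample rules
    {"name": "web-in", "source": "Any", "destination": "192.168.109.10", "destination_port": "443"},
    {"name": "admin-ssh", "source": "198.51.100.10-198.51.100.20", "destination": "Internal", "destination_port": "22"},
    {"name": "wide-open", "source": "External", "destination": "Internal"},
]
```

Running overly_broad over an exported rule list before saving changes gives a quick review list of rules that expose every port to outside sources.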
VPN and Remote Networks
Another aspect of network security is the connectivity you establish between your on-premise data center and the vCloud Air cloud. Based on the workload, a virtual machine can have various connectivity needs. vCloud Air supports Internet, secure VPN, and Direct Connect secure connections between your remote site and the vCloud Air cloud.
Each type of connection has different security features:
- Secure Internet connectivity with firewall rules (a gateway service)
  See “About Firewall Rules,” on page 28 in this guide for information.
- Secure VPN:
  - IPsec VPN—secure site-to-site VPN
    See “About IPsec VPN,” on page 31 and “Set up an IPsec VPN Connection to a Remote Site,” on page 32 in this guide for information.
  - SSL VPN (Data Center Extension)—extension of your existing IP address range from your on-premise data center into the cloud with Layer 2 extension
    See “SSL VPN for Data Center Extension,” on page 34 in this guide for information.
- Direct Connect—private connectivity providing a dedicated connection (ideal for regulated applications)
  See Chapter 5, “Direct Connect for vCloud Air,” on page 41.
Create an IPsec VPN connection by using vCloud Air and vCloud Director. Create an SSL VPN (Data Center
Extension) connection by using vCloud Connector.
Related Information
- See Create a VPN Tunnel to a Remote Network in vCloud Director Administrator’s Guide for information.
- See the VMware Blog article How To Use VPN to Connect Multiple vCloud Air Clouds for more information.