Networking Guide
Table Of Contents
- VMware vCloud Air Networking Guide
- Contents
- About this Networking Guide
- Overview of Gateways and Networks
- About Managing Gateways and Networks
- Network Security and Secure Access
- Network Connectivity for Virtual Machines
- Direct Connect for vCloud Air
- Features of Direct Connect
- Reasons to Order Direct Connect
- Direct Connect Service Overview
- Direct Connect with Cross Connect
- Direct Connect for Network Exchange
- Direct Connect Use Cases
- About the Ordering and Provisioning Workflow
- Work with Your Provider to Set up Connection
- Order Direct Connect to vCloud Air
- Work with VMware to Complete Order
- View Direct Connect in vCloud Air
- Route Traffic Through Direct Connect
- Index
n
Peer ID: specifies the public IP address of the remote device terminating the VPN connection. If the
peer IP address is from another organization VDC network, you enter the peer's native IP address. If
NAT is configured for the peer, you enter the private peer IP address.
n
Peer IP: specifies the public IP address of the remote device to which you are connecting. If NAT is
configured for the peer, you enter the public IP address that the devices uses for NAT.
n
Local ID: specifies the public IP address of the gateway. You can enter an IP address or hostname in
conjunction with the gateway firewall.
Example: Configuring IPsec VPN Connection between VM1 and VM2
The following diagram shows an example for how to specify the VPN connection settings correctly:
Figure 3‑1. Architecture: IPsec VPN between vCloud Air and a Remote Site
Specifying the peer IDs and peer IPs configure how network traffic travels from one side of the connection
to the other side. In the example above, the peer ID and peer IP for the vCloud Air side of the connection are
different values because in the on-premises side of the connection, the on-premises gateway is not directly
accessible from the Internet (it connects to the Internet through another device, specifically an external
router). In the on-premises side of the connection, the peer ID and peer IP are the same value because the
gateway in vCloud Air is directly accessible from the Internet (it does not sit behind another device).
Set up an IPsec VPN Connection to a Remote Site
This procedure provides the steps to create an IPsec VPN connection between vCloud Air and a remote site.
In this procedure, you configure the vCloud Air side of the connection.
You use vCloud Director to configure the IPsec VPN connection. You configure an IPsec VPN connection as
part of configuring gateway services in vCloud Director.
VMware vCloud Air Networking Guide
32 VMware, Inc.