Virtual Private Cloud OnDemand Networking Guide
Set up an IPsec VPN Connection to a Remote Site
This procedure provides the steps to create an IPsec VPN connection between
Virtual Private Cloud OnDemand and a remote site. In this procedure, you configure the
Virtual Private Cloud OnDemand side of the connection.
You use vCloud Director to configure the IPsec VPN connection. You configure an IPsec VPN connection as
part of configuring gateway services in vCloud Director.
Prerequisites
Verify that you have networking administration privileges in Virtual Private Cloud OnDemand.
If a firewall is between the connection endpoints, you must configure it to allow the following IP protocols
and UDP ports:
- IP Protocol ID 50 (ESP)
- IP Protocol ID 51 (AH)
- UDP Port 500 (IKE)
- UDP Port 4500 (IKE NAT traversal)
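The prerequisite above is easy to get half right: a rule set that passes IKE on UDP 500 but forgets ESP, AH, or UDP 4500 produces a tunnel that negotiates and then carries no traffic. The following added example (not VMware's code or part of this guide) audits an iptables-save style dump for the four allowances the list names. It assumes the intervening firewall is a Linux host whose rules are written as `-A` lines with `-p`, `--dport` and `-j`; protocol numbers 50 and 51 are accepted as well as the names `esp` and `ah`. The sample rule dump is constructed for the demonstration and deliberately lacks two of the four allowances.

```python
import shlex

# The four allowances the prerequisite lists, as (iptables protocol name, UDP dport or None).
REQUIRED = {
    "IP protocol 50 (ESP)": ("esp", None),
    "IP protocol 51 (AH)": ("ah", None),
    "UDP port 500 (IKE)": ("udp", 500),
    "UDP port 4500 (IKE NAT traversal)": ("udp", 4500),
}

# iptables accepts protocols by number or by name; normalize numbers to names.
PROTO_NAMES = {"50": "esp", "51": "ah", "17": "udp"}


def parse_rule(line):
    """Return (proto, dport, target) for one iptables-save '-A' rule, or None
    for anything else (table headers, chain policies, comments, COMMIT)."""
    tokens = shlex.split(line)
    if not tokens or tokens[0] != "-A":
        return None
    proto = dport = target = None
    i = 0
    while i < len(tokens):
        tok = tokens[i]
        nxt = tokens[i + 1] if i + 1 < len(tokens) else None
        if tok == "-p" and nxt:
            proto = PROTO_NAMES.get(nxt, nxt.lower())
            i += 1
        elif tok == "--dport" and nxt:
            # Port ranges and "-m multiport" lists are not handled by this audit.
            dport = int(nxt) if nxt.isdigit() else None
            i += 1
        elif tok == "-j" and nxt:
            target = nxt
            i += 1
        i += 1
    return proto, dport, target


def missing_ipsec_allowances(rules_text):
    """List the required allowances that no ACCEPT rule in rules_text covers.

    A UDP rule without --dport accepts every UDP port, so it satisfies both
    UDP requirements. Chain and direction are not checked: read the dump for
    the interface and direction that actually carries the tunnel traffic."""
    accepted = set()
    for line in rules_text.splitlines():
        parsed = parse_rule(line.strip())
        if parsed is None:
            continue
        proto, dport, target = parsed
        if target == "ACCEPT":
            accepted.add((proto, dport))
    missing = []
    for label, (proto, dport) in REQUIRED.items():
        covered = (proto, dport) in accepted or (proto, None) in accepted
        if not covered:
            missing.append(label)
    return missing


# Constructed iptables-save excerpt for the demonstration; not taken from any real gateway.
# It accepts ESP and IKE but drops AH and says nothing about UDP 4500.
SAMPLE_RULES = """\
*filter
:INPUT DROP [0:0]
-A INPUT -p esp -j ACCEPT
-A INPUT -p udp -m udp --dport 500 -j ACCEPT
-A INPUT -p 51 -j DROP
COMMIT
"""

if __name__ == "__main__":
    for item in missing_ipsec_allowances(SAMPLE_RULES):
        print("missing:", item)
```

Run it against `iptables-save` output from the firewall in the path; an empty list means all four allowances are present in some ACCEPT rule, though you still have to confirm they sit in the right chain and ahead of any rule that would drop the traffic first.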
Procedure
1 If necessary, click the expand icon to display the Virtual Data Centers pane.
2 Select the virtual data center that contains the gateway for which you want to add a VPN connection.
3 Click the Gateways tab.
The complete list of gateways configured for Virtual Private Cloud OnDemand appears. The virtual
data center to which each gateway belongs is displayed next to the gateway name.
4 Click the gateway for which you want to set up an IPsec VPN connection.
5 Click Manage Gateway in vCloud Director.
The vCloud Director Administration page > Edge Gateway tab appears.
6 Right-click the gateway name, choose Edge Gateway Services, and click the VPN tab.
7 Check Enable VPN to enable the VPN networking service for the gateway.
8 Click Add.
The Add a Site-to-Site VPN configuration dialog appears.
9 Complete the following settings for the IPsec VPN connection:
Option                          Description
Name                            Enter a name for the connection.
Description                     (Optional) Enter a description for the connection.
Enable this VPN Configuration   Select the checkbox to enable the connection between the two VPN
                                endpoints.
Establish VPN to                From the drop-down menu, select a remote network.
Local Networks                  In the text field, select the local network to which the connection applies.
Peer Networks                   Enter the remote network to which the VPN connects.
                                NOTE Enter a network range (not a specific IP address) by entering the IP
                                address using CIDR format; for example, 192.168.99.0/24.
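The NOTE on Peer Networks is the setting most often entered wrongly: a bare host address, a /32, or an address with host bits set (192.168.99.5/24) is not the network range the tunnel policy needs. The following added example (not VMware's code or part of this guide) checks Local Networks and Peer Networks entries the way the dialog expects them. It goes one step beyond the page's note by also flagging a local network that overlaps a peer network, since traffic for overlapping addresses is routed locally rather than into the tunnel. The sample values are constructed for the demonstration.

```python
import ipaddress


def check_vpn_network(value):
    """Validate one entry for the Local Networks or Peer Networks field.

    Returns (normalized_cidr, None) when the value is a network range in CIDR
    form, or (None, reason) describing why the dialog would not accept it."""
    if "/" not in value:
        return None, (f"{value!r} has no prefix length; enter a network range "
                      f"in CIDR form such as 192.168.99.0/24")
    try:
        # strict=True rejects addresses with host bits set, e.g. 192.168.99.5/24
        net = ipaddress.ip_network(value, strict=True)
    except ValueError as exc:
        return None, f"{value!r} is not a valid network: {exc}"
    if net.prefixlen == net.max_prefixlen:
        return None, f"{value!r} is a single host address, not a network range"
    return str(net), None


def check_vpn_site(local_networks, peer_networks):
    """Validate every entry on both sides of the tunnel and return a list of
    problems (empty when the configuration is acceptable).

    Beyond the guide's CIDR note, this also flags a local network that
    overlaps a peer network."""
    problems = []
    parsed = {"Local Networks": [], "Peer Networks": []}
    for field, entries in (("Local Networks", local_networks),
                           ("Peer Networks", peer_networks)):
        for entry in entries:
            cidr, reason = check_vpn_network(entry)
            if reason:
                problems.append(f"{field}: {reason}")
            else:
                parsed[field].append(ipaddress.ip_network(cidr))
    for local in parsed["Local Networks"]:
        for peer in parsed["Peer Networks"]:
            # Overlap is only meaningful within one address family.
            if local.version == peer.version and local.overlaps(peer):
                problems.append(f"local network {local} overlaps peer network {peer}")
    return problems


if __name__ == "__main__":
    # Constructed sample values; not from any real site configuration.
    local = ["10.10.0.0/16"]
    peers = ["192.168.99.0/24", "10.10.5.0/24", "172.16.0.7"]
    for problem in check_vpn_site(local, peers):
        print(problem)
```

The sample run reports two problems: 172.16.0.7 is a host address rather than a range, and 10.10.5.0/24 lies inside the local 10.10.0.0/16. Both would be accepted by a less careful check and only show up later as a tunnel that comes up without passing traffic.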
Chapter 3 Network Security and Secure Access
VMware, Inc. 33