Virtual Private Cloud OnDemand Networking Guide
Option
    Description

Local Endpoint
    From the drop-down list, select the network that is the local endpoint for the connection. The local endpoint specifies the network in Virtual Private Cloud OnDemand on which the gateway transmits. Typically, the external network is the local endpoint.

Local ID
    Enter the local ID, which is the public IP address of the gateway.

Peer ID
    Enter the peer ID, which is the public IP address of the remote device terminating the VPN connection.
    NOTE If the peer IP address is from another organization VDC network, enter the peer’s native IP address. If NAT is configured for the peer, enter the private peer IP address.

Peer IP
    Enter the peer IP, which is the public IP address of the remote device to which you are connecting.
    NOTE If NAT is configured for the peer, enter the public IP address that the device uses for NAT.

Encryption protocol
    Select the encryption type from the drop-down list.
    NOTE The encryption type you select must match the encryption type configured on the remote site VPN device.

Shared Key
    Enter an alphanumeric string between 32 and 128 characters, which includes at least one uppercase letter, one lowercase letter, and one number.
    NOTE The shared key must match the key that is configured on the remote site VPN device.

MTU
    Enter the maximum transmission unit (MTU) for the VPN connection. The MTU is the maximum amount of data that can be transmitted in one packet before it is divided into smaller packets.

For additional information on how to determine the correct values for the VPN connection settings, see
“About Setting up an IPsec VPN Connection,” on page 31.
10 Click OK.
The VPN configuration appears in the table.
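
The Shared Key rule above (32 to 128 alphanumeric characters with at least one uppercase letter, one lowercase letter, and one number), as an added Python example that is not part of the original guide: it checks a candidate key against the rule and generates a compliant key from the operating system's CSPRNG. The function names are hypothetical, and reading "alphanumeric" as ASCII letters and digits only is an assumption.

```python
import secrets
import string

# Assumption: "alphanumeric" means ASCII letters and digits only.
ALPHANUM = string.ascii_letters + string.digits
MIN_LEN, MAX_LEN = 32, 128  # limits stated for the Shared Key option


def key_problems(key: str) -> list[str]:
    """Return every Shared Key rule the candidate violates (empty list = OK)."""
    problems = []
    if not MIN_LEN <= len(key) <= MAX_LEN:
        problems.append(f"length {len(key)} is outside {MIN_LEN}-{MAX_LEN}")
    # str.isalnum() would accept non-ASCII letters such as 'é', so test
    # membership in the explicit ASCII set instead.
    if any(c not in ALPHANUM for c in key):
        problems.append("contains non-alphanumeric characters")
    if not any(c in string.ascii_uppercase for c in key):
        problems.append("no uppercase letter")
    if not any(c in string.ascii_lowercase for c in key):
        problems.append("no lowercase letter")
    if not any(c in string.digits for c in key):
        problems.append("no number")
    return problems


def generate_shared_key(length: int = 64) -> str:
    """Draw a key from the OS CSPRNG, redrawing until all rules are met."""
    if not MIN_LEN <= length <= MAX_LEN:
        raise ValueError(f"length must be {MIN_LEN}-{MAX_LEN}")
    while True:
        # Rejection sampling keeps the result uniform over compliant keys,
        # unlike forcing one character of each class into fixed positions.
        key = "".join(secrets.choice(ALPHANUM) for _ in range(length))
        if not key_problems(key):
            return key


if __name__ == "__main__":
    # Constructed sample inputs, not real keys.
    for candidate in ("Short1a", "a" * 40, "Abc123" * 6 + "-x", "Abc123" * 6):
        print(repr(candidate), key_problems(candidate) or "OK")
    print("generated:", generate_shared_key())
```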
What to do next
You must configure the IPsec VPN connection from both sides of the connection:
Virtual Private Cloud OnDemand and your on-premises facility. This procedure details how to configure
the connection for Virtual Private Cloud OnDemand. Configure the connection for your on-premises
facility.
SSL VPN for Data Center Extension
Using Data Center Extension, you can extend your enterprise network to the public cloud (vSphere or
vCloud Director), allowing you to move virtual machines from your private cloud to
Virtual Private Cloud OnDemand while retaining the same IP addresses and MAC addresses. Data Center
Extension is a Layer 2 extension from your existing enterprise network to Virtual Private Cloud OnDemand
over a secure SSL VPN connection. Once you are done, you can consume and manage your moved virtual
machines by using their same IP addresses and MAC addresses.
NOTE To use Data Center Extension with Virtual Private Cloud OnDemand, you must purchase a VMware
vCloud Connector Advanced Edition license.
With Data Center Extension, you can extend your existing IP address range from your on-premises data
center into Virtual Private Cloud OnDemand without the need to change your applications. Data Center
Extension uses an SSL VPN between two gateways, thus bridging the two sites; you are not running VXLAN
over a WAN.
vCloud Air - Virtual Private Cloud OnDemand Networking Guide
VMware, Inc.