5.1
Table Of Contents
- vCloud Director Administrator's Guide
- Contents
- vCloud Director Administrator's Guide
- Updated Information
- Getting Started with vCloud Director
- Adding Resources to vCloud Director
- Creating and Provisioning Organizations
- Understanding Leases
- Create an Organization
- Allocate Resources to an Organization
- Open the Allocate Resources Wizard
- Select a Provider vDC
- Select an Allocation Model
- Configure the Allocation Model
- Allocate Storage
- Select Network Pool and Services
- Configure an Edge Gateway
- Configure External Networks
- Configure IP Settings on a New Edge Gateway
- Suballocate IP Pools on a New Edge Gateway
- Configure Rate Limits on a New Edge Gateway
- Create an Organization vDC Network
- Name the Organization vDC
- Confirm Settings and Create the Organization vDC
- Creating a Published Catalog
- Managing Cloud Resources
- Managing Provider vDCs
- Enable or Disable a Provider vDC
- Delete a Provider vDC
- Modify a Provider vDC Name and Description
- Merge Provider vDCs
- Enable or Disable a Provider vDC Host
- Prepare or Unprepare a Provider vDC Host
- Upgrade an ESX/ESXi Host Agent for a Provider vDC Host
- Repair a Provider vDC ESX/ESXi Host
- Enable vSphere VXLAN on an Upgraded Provider vDC
- Provider vDC Datastores
- Add a Storage Profile to a Provider vDC
- Edit the Metadata for a Storage Profile on a Provider vDC
- Add a Resource Pool to a Provider vDC
- Enable or Disable a Provider vDC Resource Pool
- Detach a Resource Pool From a Provider vDC
- Migrate Virtual Machines Between Resource Pools on a Provider vDC
- Configure Low Disk Space Warnings for a Provider vDC Datastore
- Send an Email Notification to Provider vDC Users
- Managing Organization vDCs
- Create an Organization vDC
- Open the New Organization vDC Wizard
- Select an Organization for the Organization vDC
- Select a Provider vDC
- Select an Allocation Model
- Configure the Allocation Model
- Allocate Storage
- Select Network Pool and Services
- Configure an Edge Gateway
- Configure External Networks
- Configure IP Settings on a New Edge Gateway
- Suballocate IP Pools on a New Edge Gateway
- Configure Rate Limits on a New Edge Gateway
- Create an Organization vDC Network
- Name the Organization vDC
- Confirm Settings and Create the Organization vDC
- Enable or Disable an Organization vDC
- Delete an Organization vDC
- Organization vDC Properties
- Add a Storage Profile to an Organization vDC
- Create an Organization vDC
- Managing External Networks
- Managing Edge Gateways
- Add an Edge Gateway
- Open the New Edge Gateway Wizard
- Select Gateway and IP Configuration Options for a New Edge Gateway
- Select External Networks for a New Edge Gateway
- Configure IP Settings on a New Edge Gateway
- Suballocate IP Pools on a New Edge Gateway
- Configure Rate Limits on a New Edge Gateway
- Configure the Name and Description of a New Edge Gateway
- Review the Configuration of a New Edge Gateway
- Configuring Edge Gateway Services
- Configure DHCP for an Edge Gateway
- Add a Source NAT rule to an Edge Gateway
- Add a Destination NAT rule to an Edge Gateway
- Configure the Firewall for an Edge Gateway
- Add a Firewall Rule for an Edge Gateway
- Reorder Firewall Rules for an Edge Gateway
- Enable VPN for an Edge Gateway
- Configure Public IPs for External Networks
- Creating VPN Tunnels on an Edge Gateway
- Edit VPN Settings
- Enable Static Routing on an Edge Gateway
- Managing Load Balancer Service on an Edge Gateway
- Editing Edge Gateway Properties
- Delete an Edge Gateway
- View IP Use for an Edge Gateway
- Apply Syslog Server Settings to an Edge Gateway
- Add an Edge Gateway
- Managing Organization vDC Networks
- Adding Networks to an Organization vDC
- Configuring Organization vDC Network Services
- Configure DHCP for an Organization vDC Network
- Enable the Firewall for an Organization vDC Network
- Add a Firewall Rule for an Organization vDC Network
- Reorder Firewall Rules for an Organization vDC Network
- Enable VPN for an Organization vDC Network
- Create a VPN Tunnel Within an Organization
- Create a VPN Tunnel to a Remote Network
- Enable Static Routing for an Organization vDC Network
- Add Static Routes Between vApp Networks Routed to the Same Organization vDC Network
- Add Static Routes Between vApp Networks Routed to Different Organization vDC Networks
- Reset an Organization vDC Network
- View vApps and vApp Templates That Use an Organization vDC Network
- Delete an Organization vDC Network
- View IP Use for an Organization vDC Network
- Editing Organization vDC Network Properties
- Managing Network Pools
- Managing Cloud Cells
- Managing Provider vDCs
- Managing vSphere Resources
- Managing Organizations
- Managing System Administrators and Roles
- Add a System Administrator
- Import a System Administrator
- Enable or Disable a System Administrator
- Delete a System Administrator
- Edit System Administrator Profile and Contact Information
- Send an Email Notification to Users
- Delete a System Administrator Who Lost Access to the System
- Import a Group
- Delete an LDAP Group
- View Group Properties
- Roles and Rights
- Managing System Settings
- Modify General System Settings
- General System Settings
- Editing System Email Settings
- Configuring Blocking Tasks and Notifications
- Configuring the System LDAP Settings
- Customize the vCloud Director Client UI
- Configuring Public Addresses
- Configure the Account Lockout Policy
- Configure vCloud Director to use vCenter Single Sign On
- Monitoring vCloud Director
- Roles and Rights
- Index
If a firewall is between the tunnel endpoints, you must configure it to allow the following IP protocols and
UDP ports:
n
IP Protocol ID 50 (ESP)
n
IP Protocol ID 51 (AH)
n
UDP Port 500 (IKE)
n
UDP Port 4500
Prerequisites
Verify that you have at least two routed organization vDC networks in the organization. One of these networks
must be backed by the edge gateway. Both organization vDC networks must have VPN enabled.
Procedure
1 Click the Manage & Monitor tab and click Organization vDCs in the left pane.
2 Double-click the organization vDC name to open the organization vDC.
3 Click the Edge Gateways tab, right-click the edge gateway name. and select Edge Gateway Services.
4 Click the VPN tab and click Add.
5 Type a name and optional description.
6 Select a network in this organization from the drop-down menu and select local and peer networks.
7 Review the tunnel settings and click OK.
vCloud Director configures both peer network endpoints.
Create a VPN Tunnel Between Organizations
You can create a VPN tunnel between two organization vDC networks in different organizations. The
organizations can be part of the same vCloud Director installation or a different installation.
Both system administrators and organization administrators can create VPN tunnels.
If there is a firewall between the tunnel endpoints, you must configure it to allow the following IP protocols
and UDP ports:
n
IP Protocol ID 50 (ESP)
n
IP Protocol ID 51 (AH)
n
UDP Port 500 (IKE)
n
UDP Port 4500
Prerequisites
n
A routed organization vDC network in each of the organizations. The organization vDC networks must
have non-overlapping IP subnets and site-to-site VPN enabled.
n
vShield Manager 5.1.
Procedure
1 Click the Manage & Monitor tab and click Organization vDCs in the left pane.
2 Double-click the organization vDC name to open the organization vDC.
3 Click the Edge Gateways tab, right-click the edge gateway name and select Edge Gateway Services.
4 Click the VPN tab and click Add.
vCloud Director Administrator's Guide
72 VMware, Inc.