5.5
Create a VPN Tunnel Within an Organization
You can create a VPN tunnel between two organization virtual datacenter networks in the same
organization.
Both system administrators and organization administrators can create VPN tunnels.
If a firewall is between the tunnel endpoints, you must configure it to allow the following IP protocols and UDP ports:
- IP Protocol ID 50 (ESP)
- IP Protocol ID 51 (AH)
- UDP Port 500 (IKE)
- UDP Port 4500
Prerequisites
Verify that you have at least two routed organization virtual datacenter networks with non-overlapping IP
subnets and VPN enabled on both networks.
Procedure
1 Click the Manage & Monitor tab and click Organization VDCs in the left pane.
2 Double-click the organization virtual datacenter name to open the organization virtual datacenter.
3 Click the Org VDC Networks tab, right-click the organization virtual datacenter network name, and
select Configure Services.
4 Click the VPN tab and click Add.
5 Type a name and optional description.
6 Select a network in this organization from the drop-down menu and select a peer network.
7 Review the tunnel settings and click OK.
vCloud Director configures both peer network endpoints.
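The prerequisite and the firewall requirement above can be checked before the tunnel is created. The following is an added example, not part of the VMware guide: it tests two subnets for overlap and evaluates an ordered ruleset for the four required flows. The rule format, the first-match/default-deny model, the both-directions check, and all addresses are assumptions made for illustration.

```python
import ipaddress

# Traffic the guide says a firewall between tunnel endpoints must allow:
# name -> (IP protocol number, UDP destination port or None).
REQUIRED = {"ESP": (50, None), "AH": (51, None),
            "IKE": (17, 500), "UDP 4500": (17, 4500)}

def subnets_overlap(a, b):
    """True if two CIDR subnets share addresses (violates the prerequisite)."""
    return ipaddress.ip_network(a).overlaps(ipaddress.ip_network(b))

def first_match(rules, src, dst, proto, port):
    """Action of the first matching rule. Assumed model: ordered, default deny."""
    for r in rules:
        if (ipaddress.ip_address(src) in ipaddress.ip_network(r["src"])
                and ipaddress.ip_address(dst) in ipaddress.ip_network(r["dst"])
                and r["proto"] == proto
                and r.get("port") in (port, None)):
            return r["action"]
    return "deny"

def blocked_flows(rules, a, b):
    """Required flows the ruleset denies, checked in both directions."""
    missing = []
    for name, (proto, port) in REQUIRED.items():
        for src, dst in ((a, b), (b, a)):
            if first_match(rules, src, dst, proto, port) != "allow":
                missing.append(f"{name} {src}->{dst}")
    return missing

# Constructed sample: hypothetical rule format, documentation-range addresses.
ANY = "0.0.0.0/0"
SAMPLE_RULES = [
    {"src": ANY, "dst": ANY, "proto": 17, "port": 500, "action": "allow"},
    {"src": ANY, "dst": ANY, "proto": 50, "action": "allow"},
    # Broad UDP deny placed above the 4500 allow shadows it toward this host.
    {"src": ANY, "dst": "203.0.113.20/32", "proto": 17, "action": "deny"},
    {"src": ANY, "dst": ANY, "proto": 17, "port": 4500, "action": "allow"},
]

if __name__ == "__main__":
    print(subnets_overlap("192.168.10.0/24", "192.168.10.128/25"))
    for flow in blocked_flows(SAMPLE_RULES, "198.51.100.10", "203.0.113.20"):
        print("blocked:", flow)
```

In the sample ruleset AH is never allowed, and UDP 4500 is blocked in one direction only because a broader deny sits above its allow rule, which is the kind of ordering problem a per-rule read-through tends to miss.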
Create a VPN Tunnel to a Remote Network
You can create a VPN tunnel between an organization virtual datacenter network and a remote network.
System administrators and organization administrators can create VPN tunnels.
If a firewall is between the tunnel endpoints, you must configure it to allow the following IP protocols and UDP ports:
- IP Protocol ID 50 (ESP)
- IP Protocol ID 51 (AH)
- UDP Port 500 (IKE)
- UDP Port 4500
Prerequisites
Verify that you have a routed organization virtual datacenter network and a routed remote network that
uses IPSec.
Procedure
1 Click the Manage & Monitor tab and click Organization VDCs in the left pane.
vCloud Director Administrator's Guide
VMware, Inc.