How to Configure IPSec VPN

When a VM hosted in VMware Cloud needs to connect to another VM hosted at a different site or at HQ, and the two must communicate over internal LAN IP addresses only, this can be done by setting up a Site to Site IPSec VPN between the VMware Cloud and the other site.

The Site to Site IPSec VPN tunnel can be set up using the IPSec VPN feature in VMware Cloud Director.

  1. First, log in to the tenant panel account, navigate to the Datacenter or the “Networking” tab, and click on the “Edges” gateways tab.

  2. Select the “Edge” gateway to open the Edge Gateway configuration page. Then navigate to the “IPSec VPN” settings to add a new Site to Site IPSec VPN configuration.

 

3. Fill in the configuration information accordingly.

  • Name: Any name that is meaningful to the user.
  • Description: A brief description.
  • Pre-Shared Key: A key string that must be the same on both firewall ends.
  • Security Profile: Use Default.
  • Local Endpoint IP: Any available unused public IP address allocated to the VMware Cloud.
  • Local Endpoint Networks: The routed network created and associated with the Edge Gateway.
  • Remote Endpoint IP: The public IP address on the remote site.
  • Remote Endpoint Networks: The internal network on the remote site that is going to peer with the local site.

 

 

4. Once the configuration is saved, click on the “info” icon to verify the IP addresses again.

 

5. If the IPSec VPN configuration has specific Security Profile requirements (encryption type settings), select the IPSec VPN and click on “SECURITY PROFILE CUSTOMIZATION”.

 

 

6. The Security Profile settings are required if the remote site is using a firewall device, in which case the profile must use the same encryption type and settings on both ends. If the remote site is also using the VMware Cloud platform, the profile settings may remain as Default.

 

7. The configuration is now complete on one side. Next, go to the remote site and configure similar settings. In this guide, we are using the VMware Cloud platform as the remote side. Repeat the configuration on Site02 by adding the IPSec VPN.

 

8. Use the same configuration values, swapping the Local Endpoint and Remote Endpoint IP addresses as well as the Networks on Site02.

 

9. Once the configuration is saved on Site02, the Site to Site VPN should start to establish within a few minutes. Click on “VIEW STATISTICS” to check the VPN connection status.
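
A pre-flight check for the values entered in steps 3 to 8, as an added example that is not part of the original guide: it confirms that both ends share the same Pre-Shared Key and Security Profile and that Site02 is the exact mirror of Site01. The dictionary keys are assumptions modelled on the form labels, the addresses are constructed sample values, and the subnet overlap check goes slightly beyond what the steps describe.

```python
import ipaddress

# Constructed sample values (documentation ranges); keys mirror the step 3 form fields.
SITE01 = {
    "pre_shared_key": "constructed-example-psk",
    "security_profile": "Default",
    "local_endpoint_ip": "203.0.113.10",
    "local_networks": ["192.168.10.0/24"],
    "remote_endpoint_ip": "198.51.100.20",
    "remote_networks": ["192.168.20.0/24"],
}
SITE02 = {
    "pre_shared_key": "constructed-example-psk",
    "security_profile": "Default",
    "local_endpoint_ip": "198.51.100.20",
    "local_networks": ["192.168.20.0/24"],
    "remote_endpoint_ip": "203.0.113.10",
    "remote_networks": ["192.168.10.0/24"],
}


def _nets(cidrs):
    """Normalise CIDR strings so 192.168.10.0/24 and 192.168.10.5/24 compare equal."""
    return {ipaddress.ip_network(c, strict=False) for c in cidrs}


def check_tunnel_pair(a, b):
    """Return a list of mismatches between the two ends of one tunnel."""
    problems = []
    if a["pre_shared_key"] != b["pre_shared_key"]:
        problems.append("pre-shared key differs")
    if a["security_profile"] != b["security_profile"]:
        problems.append("security profile differs")
    # Step 8: each side's local values must be the other side's remote values.
    for x, y, xn, yn in ((a, b, "site A", "site B"), (b, a, "site B", "site A")):
        if x["local_endpoint_ip"] != y["remote_endpoint_ip"]:
            problems.append(f"{xn} local endpoint is not {yn} remote endpoint")
        if _nets(x["local_networks"]) != _nets(y["remote_networks"]):
            problems.append(f"{xn} local networks are not {yn} remote networks")
    # Overlapping local and remote subnets cannot be routed unambiguously across the tunnel.
    for loc in _nets(a["local_networks"]):
        for rem in _nets(a["remote_networks"]):
            if loc.overlaps(rem):
                problems.append(f"{loc} overlaps {rem}")
    return problems


if __name__ == "__main__":
    print(check_tunnel_pair(SITE01, SITE02) or "both ends match")
```

An empty list means the two ends agree; any entry names the field to recheck through the “info” icon from step 4 before looking at “VIEW STATISTICS”.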