The platform enables you to create VPNs between virtual datacenter networks and other entities. These VPNs use the IPsec framework.
...
Initial support for VPNs requires you to create a VPN entity for each side of a VPN that connects to a virtual datacenter network. Both sides of a VPN must have the same encryption and authentication settings, as well as inverse local and remote network configurations.
The following table describes VPN support in the providers.
Setting | AWS | VMware NSX |
---|---|---|
Encryption | AES | AES, AES256, Triple DES, AES-GCM |
Perfect forward secrecy enabled | mandatory | optional |
DH group | DH2 | DH2, DH5, DH14 |
Authentication | PSK (mandatory) | PSK (mandatory) |
It may be helpful to complete this table to record your network values before you create your VPN:
VDC name | VDC1 ________________ | VDC2 ________________ |
---|---|---|
VPN entity name | | |
NAT IP | | |
Private networks | | |
For example:
VDC name | VDC1 ________________ | VDC2 ________________ |
---|---|---|
VPN entity name | axsdTOaxsd2 | axsd2TOaxsd |
NAT IP | 10.200.100.8 | 10.200.100.23 |
Private networks | | |
To work with VPNs from private cloud to public cloud, define the VPN entity in the private cloud first.
To create the first VPN entity:
...
To create the other side of the VPN in another VDC:
- Select the Virtual datacenter
- Add another VPN entity using the remote network configuration of the first VPN as the local values.
...
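A pre-flight check for the matching rule stated earlier on this page: both sides share encryption and authentication settings, carry inverse local and remote values, and stay within what the support table lists for their provider. This is an added example, not platform code; the field names, the provider assigned to each side, the private networks and the PSK placeholder are assumptions, while the entity names and NAT IPs are the page's example values.

```python
from ipaddress import ip_address, ip_network

# Provider capabilities transcribed from the support table on this page.
SUPPORT = {
    "AWS": {"encryption": {"AES"}, "dh_group": {"DH2"}, "pfs_mandatory": True},
    "VMware NSX": {"encryption": {"AES", "AES256", "Triple DES", "AES-GCM"},
                   "dh_group": {"DH2", "DH5", "DH14"}, "pfs_mandatory": False},
}

def _nets(cidrs):
    # Normalise CIDR strings so ordering and formatting do not cause false mismatches.
    return {ip_network(c) for c in cidrs}

def check_vpn_pair(a, b):
    """Return a list of problems; an empty list means the two sides match."""
    problems = []
    # Both sides need the same encryption and authentication settings.
    for key in ("encryption", "dh_group", "pfs", "psk"):
        if a[key] != b[key]:
            problems.append(f"{key} differs")  # never echo the PSK itself
    # Local and remote values must be inverse: a's local is b's remote, and vice versa.
    for x, y in ((a, b), (b, a)):
        if ip_address(x["local_endpoint"]) != ip_address(y["remote_endpoint"]):
            problems.append(f"{y['name']}: remote endpoint is not {x['name']}'s local endpoint")
        if _nets(x["local_networks"]) != _nets(y["remote_networks"]):
            problems.append(f"{y['name']}: remote networks are not {x['name']}'s local networks")
    # Each side must stay within what its provider supports.
    for side in (a, b):
        cap = SUPPORT[side["provider"]]
        for key in ("encryption", "dh_group"):
            if side[key] not in cap[key]:
                problems.append(f"{side['name']}: {key} {side[key]} unsupported on {side['provider']}")
        if cap["pfs_mandatory"] and not side["pfs"]:
            problems.append(f"{side['name']}: PFS is mandatory on {side['provider']}")
        if not side["psk"]:
            problems.append(f"{side['name']}: PSK is mandatory")
    return problems

# Constructed sample: entity names and NAT IPs are the page's example values;
# providers, private networks, PSK placeholder and field names are assumptions.
SIDE_A = {"name": "axsdTOaxsd2", "provider": "VMware NSX", "encryption": "AES",
          "dh_group": "DH2", "pfs": True, "psk": "PLACEHOLDER-PSK",
          "local_endpoint": "10.200.100.8", "remote_endpoint": "10.200.100.23",
          "local_networks": ["192.168.10.0/24"], "remote_networks": ["192.168.20.0/24"]}
SIDE_B = {**SIDE_A, "name": "axsd2TOaxsd", "provider": "AWS",
          "local_endpoint": "10.200.100.23", "remote_endpoint": "10.200.100.8",
          "local_networks": ["192.168.20.0/24"], "remote_networks": ["192.168.10.0/24"]}

if __name__ == "__main__":
    for p in check_vpn_pair(SIDE_A, SIDE_B) or ["OK: both sides match"]:
        print(p)
```

Running the check before creating the second entity catches a mismatched proposal or a non-mirrored network list, either of which would otherwise only show up as a tunnel that fails to negotiate.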