Connect virtual networks with VPNaaS
You can now create site-to-site VPNs from Abiquo virtual datacenters to other virtual datacenters or other entities outside the platform.
To create a VPN between virtual datacenters, the first site must be a virtual datacenter using VMware with the NSX-NAT or NSX-gateway features. The second site can be another VMware virtual datacenter or an AWS virtual datacenter, or another VPN site.
Create virtual datacenters and private networks
If you are going to connect two VMware virtual datacenters, then you should check that the private networks that you will connect do not use the same IP address ranges. To ensure different networks, either create a virtual datacenter with a custom private network. See Manage Virtual Datacenters.
Or create additional private networks as required. See Manage Networks.
It is a good idea to make the new network the default for the virtual datacenter because if users deploy without configuring a NIC, the platform will automatically add one on the default network.
It may also be helpful to complete this table to record your network values before you create your VPN:
VDC name | VDC1 ________________ | VDC2 ________________ |
---|---|---|
VPN site name | ||
NAT IP | ||
Private networks |
For example:
VDC name | VDC1 ________________ | VDC2 ________________ |
---|---|---|
VPN site name | axsdTOaxsd2 | axsd2TOaxsd |
NAT IP | 10.200.100.8 | 10.200.100.23 |
Private networks |
|
|
Create the first VPN site
To work with VPNs, go to Virtual datacenters → select a Virtual datacenter → Network → VPN
To create a VPN, click the Add + button and complete the form.
Remember that you must use the same encryption and authentication options for both sites.
If your second site will be another VDC using VMware, you can select any encryption options.
If your second site will be a VDC in AWS, you will need to select options that Amazon supports, which are AES, DH2 and PSK.
Save the configuration for the first site.
Then repeat the above steps to create the configuration for the second site with the same encryption and authentication values and the inverse network values.
After you save the configuration of the second site, the platform will create the VPN.
You should now be able to check the status of the VPN connection on the VPN screen by clicking the Check link in the VPN Status column, or when you edit a VPN site.
For more information about site-to-site VPNs, see OpenVPN documentation.
Copyright © 2006-2022, Abiquo Holdings SL. All rights reserved