In this KB article, we walk through how to enable an IPSec VPN on Edge Gateway Services within the VMware Cloud Director (VCD) Web Console environment for Lumen Private Cloud on VMware Cloud Foundation™.
You must configure at least one IPSec VPN site on the NSX Edge before enabling the IPSec VPN service.
Log in to your Lumen Private Cloud on VMware Cloud Foundation environment with an Org Admin Account.
Once logged in, click Data Centers in the top menu, and then click the Virtual Data Center summary box.
Click on Edges in the panel on the left side.
Click your Edge Gateway. Take note of the (Public) IP Address for the Edge Gateway.
Under Services, click IPSec VPN.
A new window will pop up. Follow the steps below:
Add IPsec VPN:
- Ativado Click slider to enable
- Enable perfect forward secrecy (PFS): default
- Nome: Name your IPSec VPN
- Local Id: Your Local Id
- Local Endpoint: IP address of Edge Gateway
- Local Subnets: Your Local Subnets
- Peer Id: Your Peer Id
- Peer Endpoint: IP address of Peer
- Peer Subnets: Your Peer Subnets
- Encryption Algorithm: Must match with peer
- Authentication: Must match with peer
- Change Shared Key:
- Pre-Shared Key: Shared Key
- Display Shared Key:
- Diffie-Hellman Group: Must match with peer
- Click KEEP.
- In the IPSec VPN Configuration page, select the Activation Status tab, and enable IPsec VPN Service Status.
- Next, configure the Peer/Remote Site.