NSX Edge supports site‐to‐site IPSec VPN between an NSX Edge instance and remote sites. NSX Edge supports certificate authentication, preshared key mode, IP unicast traffic, and no dynamic routing protocol between the NSX Edge instance and remote VPN routers. Behind each remote VPN router, you can configure multiple subnets to connect to the internal network behind an NSX Edge through IPSec tunnels. These subnets and the internal network behind a NSX Edge must have address ranges that do not overlap.
- API-URL is a URL of the form https://vcloud.example.com/network.
- id is a VMware Cloud Director unique identifier in the form of a UUID, as defined by RFC 4122.
- # is a small integer used in an NSX object identifier.
| Operation | Request | Request Body | Response |
|---|---|---|---|
| Retrieve the IPSec VPN configuration for the edge with identifier id. | GET API-URL/edges/id/ipsec/config | None | ipsec |
| Update the IPSec VPN configuration for the edge with identifier id. | PUT API-URL/edges/id/ipsec/config | ipsec | 204 No Content |
| Delete the IPSec VPN configuration for the edge with identifier id. | DELETE API-URL/edges/id/ipsec/config | None | 204 No Content |
| Retrieve IPSec VPN statistics for the edge with identifier id. | GET API-URL/edges/id/ipsec/statistics | None | ipsecStatusAndStats |
