Specify a local (AWS) IP address, a remote (on-premises) public IP address, and a remote private IP address to create the SDDC end of the Layer 2 VPN tunnel.
VMware Cloud on AWS supports a single Layer 2 VPN tunnel between your on-premises installation and your SDDC.
- Log in to the VMC Console at https://vmc.vmware.com.
- Select .
- Click ADD VPN TUNNEL.
- Configure the VPN parameters.
  - Local IP Address:
    - Select the private IP address if you have configured AWS Direct Connect for this SDDC and want the VPN to use it. See Create a Private Virtual Interface for SDDC Management and Compute Network Traffic.
    - Select the public IP address if you want the VPN to connect to the SDDC over the Internet.
  - Remote Public IP: Enter the remote public IP address of your on-premises L2VPN gateway. For an L2VPN, this is always the standalone NSX Edge appliance (see Download and Configure the Autonomous NSX Edge).
  - Remote Private IP: Enter the remote private IP address if the on-premises gateway is configured behind NAT.
- (Optional) Tag the VPN.
See Add Tags to an Object for more information about tagging NSX-T objects.
- (Optional) Add a Description.
- Click SAVE.
Depending on your SDDC environment, the Layer 2 VPN creation process might take a few minutes. When the Layer 2 VPN tunnel becomes available, the status changes to Up.
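
A pre-flight check for the three addresses entered in the procedure above, as an added example that is not part of the VMware documentation. The function name, the `direct_connect` and `behind_nat` flags, the use of RFC 1918 as the test for "private", and the sample addresses are assumptions made for illustration.

```python
import ipaddress

# Assumption for this example: "private" means RFC 1918, and anything else that
# is not loopback, link-local, multicast or unspecified counts as "public".
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_rfc1918(ip):
    return any(ip in net for net in RFC1918)

def is_public(ip):
    return not (is_rfc1918(ip) or ip.is_loopback or ip.is_link_local
                or ip.is_multicast or ip.is_unspecified)

def check_l2vpn_params(local_ip, remote_public_ip, remote_private_ip=None,
                       direct_connect=False, behind_nat=False):
    """Return a list of problems with the tunnel parameters (empty list = OK)."""
    problems, parsed = [], {}
    fields = {"Local IP Address": local_ip, "Remote Public IP": remote_public_ip,
              "Remote Private IP": remote_private_ip}
    for name, value in fields.items():
        if value is None:
            continue
        try:
            parsed[name] = ipaddress.ip_address(value)
        except ValueError:
            problems.append(f"{name}: {value!r} is not a valid IP address")
    local = parsed.get("Local IP Address")
    rpub = parsed.get("Remote Public IP")
    rpriv = parsed.get("Remote Private IP")
    # The private local address is only offered for use with AWS Direct Connect.
    if local is not None and is_rfc1918(local) and not direct_connect:
        problems.append("Local IP Address is private but Direct Connect is not configured")
    # Over the Internet, the on-premises gateway must be reachable on a public address.
    if local is not None and is_public(local) and rpub is not None and not is_public(rpub):
        problems.append("Remote Public IP is not a public address")
    # Remote Private IP is the gateway's own address when it sits behind NAT.
    if behind_nat and remote_private_ip is None:
        problems.append("Remote Private IP is required when the gateway is behind NAT")
    if rpriv is not None and not is_rfc1918(rpriv):
        problems.append("Remote Private IP is not an RFC 1918 address")
    if rpriv is not None and rpriv == rpub:
        problems.append("Remote Private IP equals Remote Public IP, so NAT is not in use")
    return problems

if __name__ == "__main__":
    # Constructed sample values (documentation and RFC 1918 ranges).
    for p in check_l2vpn_params("203.0.113.10", "192.168.1.5", behind_nat=True):
        print("PROBLEM:", p)
```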