With L2 VPN, you can stretch multiple logical L2 networks (both VLAN and VXLAN) across L3 boundaries, tunneled within an SSL VPN. In addition, you can configure multiple sites on an L2 VPN server. Virtual machines remain on the same subnet when they are moved between sites and their IP addresses do not change. You also have the option to deploy a standalone edge on a remote site without that site being “NSX Enabled”. Egress optimization enables the edge to route any packets sent towards the Egress Optimization IP address locally, and bridge everything else.

L2 VPN thus allows enterprises to seamlessly migrate workloads backed by VXLAN or VLAN between physically separated locations. For cloud providers, L2 VPN provides a mechanism to on-board tenants without modifying existing IP addresses for workloads and applications.