You must enable the L2 VPN service on the L2 VPN client (source NSX Edge).


  1. For the source NSX Edge, navigate to Manage > VPN > L2 VPN.
  2. In L2VPN Service Configuration, click Enable.

What to do next

  • Create NAT or firewall rule on the internet facing firewall side to enable the client and server to connect to each other.

  • If a trunk vNic backed by standard portgroup is being stretched, enable L2 VPN traffic manually by the following steps:

    1. Set Promiscuous mode to Accept.

    2. Set Forged Transmits to Accept.

    For more information, see ESXi and vCenter Server 5.5 Documentation.