This is an optional service that allows you to create VPN tunnel configurations to access one or more Non SD-WAN Destinations. The VMware provides the configuration required to create the tunnel(s) – including creating IKE IPsec configuration and generating a pre-shared key.
The following figure shows an overview of the VPN tunnels that can be created between the VMware and a Non SD-WAN Destination.
Optionally, an IP address can be specified for a Secondary VPN Gateway to form a Secondary VPN Tunnel between a SD-WAN Gateway and the Secondary VPN Gateway. Using Advanced Settings, Redundant VPN Tunnels can be specified for any VPN tunnels you create.
Add Non SD-WAN Destination VPN Gateway
Enter a Name and choose a Gateway Type. Specify the IP address for the Primary VPN Gateway and, optionally, specify an IP address for a Secondary VPN Gateway.
Configure Non SD-WAN Destination Subnets
Once you have created a Non SD-WAN Destination configuration, you can add site subnets and configure tunnel settings.
Click the Advanced button to configure tunnel settings for VPN Gateways, and to add Redundant VPN tunnel(s).
View IKE IPsec Configuration, Configure Non SD-WAN Destination Gateway
If you click the View IKE IPsec Configuration button, the information needed to configure the Non SD-WAN Destination Gateway appears. The Gateway administrator should use this information to configure the Gateway VPN tunnel(s).
Enable IPsec Tunnel
The Non SD-WAN Destination VPN tunnel is initially disabled. You must enable the tunnel(s) after the Non SD-WAN Destination Gateway has been configured and before first use of the Edge-to- Non SD-WAN Destination VPN.