VeloCloud supports the following Non-VeloCloud Site configurations:

  • Check Point
  • Cisco ASA
  • Cisco ISR
  • Generic IKEv2 Router (Route Based VPN)
  • Microsoft Azure Virtual Hub
  • Palo Alto
  • SonicWALL
  • Zscaler
  • Generic IKEv1 Router (Route Based VPN)
  • Generic Firewall (Policy Based VPN)
    Note: VeloCloud now supports both Generic IKEv1 Router (Route Based VPN) and Generic IKEv2 Router (Route Based VPN) Non-VeloCloud Site Configurations.

Cisco ISR

Cisco ISR is one of the more common third party configurations. Instructions on how to configure with Cisco ISR in the VeloCloud Orchestrator are listed below.

To configure via Cisco ISR:

  1. Go to Configure > Network Services.
  2. In the Non-VeloCloud Sites area, click the New button.

    The New Non-VeloCloud Site dialog box appears.

    complementary-config-third-party-datacenter-new-dialog

  3. In the New Non-VeloCloud Site dialog box:
    1. Enter the name of your site.
    2. Select Cisco ISR) from the Type drop-down menu.
    3. Type in the Primary VPN Gateway (and the Secondary VPN Gateway if necessary).
  4. Click Next.

    Your Non-VeloCloud Site is created, and a dialog box for your Non-VeloCloud Site appears. (See image below).

    complementary-config-third-party-site-dialog

  5. In the dialog box for your Non-VeloCloud Site:
    1. Click the Advanced button located at the bottom of the dialog box.
    2. If not already selected, check the Enable Tunnel(s) checkbox.
    3. The VeloCloud Orchestrator generates a PSK by default. If you want to use your own PSK, type it in the PSK text box.
    4. Type in the Subnet and description for your site.
    5. To add a Secondary VPN Gateway click the Add button.
    6. To provide an optimal Source NAT IP to translate the source IP address, type the IP in the Source NAP IP text box.
    7. Click Save Changes.
      Note: The View IKE/IPSec Template button shows a sample configuration of the PSK and IP details that would be useful to configure a Non-VeloCloud Site.

Cisco ASA

Cisco ASA is another common third party configuration. Instructions on how to configure with Cisco ASA in the VeloCloud Orchestrator are listed below.

To configure via Cisco ASA:

  1. Go to Configure > Network Services.
  2. In the Non-VeloCloud Sites area, click the New button.

    The New Non-VeloCloud Site dialog box appears.

    complementary-config-third-party-cisco-asa-new-dialog

  3. In the New Non-VeloCloud Site dialog box:
    1. Enter the name of your site.
    2. Select Cisco ASA) from the Type drop-down menu.
    3. Type in the Primary VPN Gateway (and Secondary if necessary).
  4. Click Next.

    Your Non-VeloCloud Site is created, and a dialog box for your Non-VeloCloud Site appears.

    complementary-config-third-party-cisco-asa-site-dialog

  5. In the dialog box for your Non-VeloCloud Site:
    1. Click the Advanced button located at the bottom of the dialog box.
    2. If not already selected, select the Enable Tunnel(s) checkbox.
    3. The VeloCloud Orchestrator generates a PSK by default. If you want to use your own PSK, type it in the PSK text box.
    4. To add a Secondary VPN Gateway, click the Add button.
    5. Type in the Subnet and description for your site. (Type in Custom Source Subnets if necessary).
    6. To provide an optimal Source NAT IP if to translate the source IP address, type the IP in the Source NAP IP text box.
    7. Click Save Changes.
      Note: The View IKE/IPSec Template button shows a sample configuration of the PSK and IP details that would be useful to configure a Non-VeloCloud Site.

Microsoft Azure Virtual Hub

Microsoft Azure Virtual Hub is one of the more common third party configurations. For instructions on how to configure a Non-VeloCloud Site (NVS) of type Microsoft Azure Virtual Hub in VeloCloud Orchestrator, see Configure a Microsoft Azure Non-VeloCloud Site.