This is an optional service that allows you to create VPN tunnel configurations to access one or more Non VMware SD-WAN Sites. The VMware provides the configuration required to create the tunnel(s) – including creating IKE IPSec configuration and generating a pre-shared key.
The following figure shows an overview of the VPN tunnels that can be created between the VMware and a Non VMware SD-WAN Site.
Optionally, an IP address can be specified for a Secondary VPN Gateway to form a Secondary VPN Tunnel between a SD-WAN Gateway and the Secondary VPN Gateway. Using Advanced Settings, Redundant VPN Tunnels can be specified for any VPN tunnels you create.
Add Non VMware SD-WAN Site VPN Gateway
Enter a Name and choose a gateway Type. Specify the IP address for the Primary VPN Gateway and, optionally, specify an IP address for a Secondary VPN Gateway.
Configure Non VMware SD-WAN Site Subnets
Once you have created a Non VMware SD-WAN Site configuration, you can add site subnets and configure tunnel settings.
Click the Advanced button to configure tunnel settings for VPN Gateways, and to add Redundant VPN tunnel(s).
View IKE IPSec Configuration, Configure Non VMware SD-WAN Site Gateway
If you click the View IKE IPSec Configuration button, the information needed to configure the Non VMware SD-WAN Site Gateway appears. The Gateway administrator should use this information to configure the Gateway VPN tunnel(s).
Enable IPSec Tunnel
The Non VMware SD-WAN Site VPN tunnel is initially disabled. You must enable the tunnel(s) after the Non VMware SD-WAN Site Gateway has been configured and before first use of the Edge-to- Non VMware SD-WAN Site VPN.