VMware allows the Enterprise users to define and configure a Non VMware SD-WAN Site instance and establish a secure IPSec tunnel directly from a SD-WAN Edge to a Non VMware SD-WAN Site.

Note: VMware supports only Generic IKEv2 Router (Route Based VPN) and Generic IKEv1 Router (Route Based VPN) Non VMware SD-WAN Site from Edge. This will enable the Edge to establish an IPSec tunnel to AWS datacenter or Azure datacenter. Currently, VMware only verifies IPSec tunnel support to AWS and Azure datacenters.

To configure a Non SD-WAN Destinations via Edge:

Procedure

  1. From the navigation panel in the SD-WAN Orchestrator, go to Configure > Network Services.
    The Services screen appears.
  2. In the Non SD-WAN Destinations via Edge area, click the New button.
    The Non SD-WAN Destinations via Edge dialog box appears.
  3. In the Service Name text box, enter a name for the Non VMware SD-WAN Site.
  4. From the Service Type drop-down menu, select either Generic IKEv2 Router (Route Based VPN) or Generic IKEv1 Router (Route Based VPN) as the IPSec tunnel type.
  5. Click Next.
    A Non VMware SD-WAN Site is created.
    Note: To support the datacenter type of Non VMware SD-WAN Site, besides the IPSec connection, you will need to configure Non VMware SD-WAN Site local subnets into the VMware system.

What to do next