VMware allows the Enterprise users to define and configure a Non SD-WAN Destination instance and establish a secure IPSec tunnel directly from a SD-WAN Edge to a Non SD-WAN Destination.

Note: VMware supports only Generic IKEv2 Router (Route Based VPN) and Generic IKEv1 Router (Route Based VPN) Non SD-WAN Destination from Edge. This will enable the Edge to establish an IPSec tunnel to AWS datacenter or Azure datacenter. Currently, VMware only verifies IPSec tunnel support to AWS and Azure datacenters.

To configure a Non SD-WAN Destinations via Edge:

Procedure

  1. From the navigation panel in the SD-WAN Orchestrator, go to Configure > Network Services.
    The Services screen appears.
  2. In the Non SD-WAN Destinations via Edge area, click the New button.
    The Non SD-WAN Destinations via Edge dialog box appears.
  3. In the Service Name text box, enter a name for the Non SD-WAN Destination.
  4. From the Service Type drop-down menu, select either Generic IKEv2 Router (Route Based VPN) or Generic IKEv1 Router (Route Based VPN) as the IPSec tunnel type.
  5. Click Next.
    A Non SD-WAN Destination is created.
    Note: To support the datacenter type of Non SD-WAN Destination, besides the IPSec connection, you will need to configure Non SD-WAN Destination local subnets into the VMware system.

What to do next