This section describes the required software requirements and components to optimize connectivity between VMware Cloud on AWS and VMware enabled branches.

• VMware SD-WAN
  • Software version 3.3.2 or higher for “Non-VeloCloud-Site” (NVS) Policy-Based IPsec IKEv1
  • Software version 5.0.0.0 or higher for “Non SD-WAN Destination” (NSD) Route-Based IPsec for Edge and “Non SD-WAN Destination” (NSD) Route-Based IPsec for Gateway
  • “Edge Profile” configured for Edges
  • SD-WAN Edges appliance with clients connected on LAN or WLAN
  • Gateway address which can be procured at the time of configuring the NVS. Note: Private IP of Gateway is also needed (in this release, this IP is hidden from the UI and the network administrator must contact VMware SD-WAN support for this IP)
  • Traffic selection for subnets to be encrypted over tunnel (needed for policy based IPsec).
  • Client connected to a LAN-side Subnet of the SD-WAN Edges

• VMware Cloud on AWS:
  • Software Version SDDC M10v2 or higher for Policy-based IPSec IKEv1 VPN
  • Software Version SDDC M18.1 or higher for Route-Based IPsec VPN
  • Logical network in the form of a segment with a subnet
  • VMware Cloud Public IP
  • Traffic selection for subnets to be encrypted over tunnel (needed for policy based IPsec).
  • Client VMs connected to a segment within VMware Cloud on AWS that is designated as traffic for IPSec encryption