You must have L2 VPN configuration rights assigned to the vCloud Director administrator for network stretching.

Procedure

  1. Log in to the vCloud Director and use curl to create a user session:
    curl -i -k -H "Accept:application/*+xml;version=1.5" -u 'root@System:password' -X POST https://vCD_IP/api/sessions
  2. Send a GET request to retrieve the organization ID.
    GET https://{{vcdServer}}/api/query?type=organization

    For example: /.../org/0712aa06-d241-4423-a6e7-80daeee8f71e

  3. Sent a GET request to retrieve all vCloud Director instance rights.
    GET https://{{vcdServer}}/api/admin?fields=RightReferences
    1. From the displayed result, search for type Organization vCD Gateway and copy/save them into a text editor.
  4. Send a GET request to retrieve the list of rights assigned to the organization.
    GET https://{{vcdServer}}/api/admin/org/Organization_ID/rights

    Use the Organization_ID retrieved in Step 2.

  5. Prepare an XML payload using the saved organization gateway rights retrieved in Step 4.

    This is an example of how the XML payload must look.

    <OrgRights xmlns="http://www.vmware.com/vcloud/v1.5">
    
    <RightReference href="https://10.139.112.187/api/admin/right/9dc33fcb-346d-30e1-8ffa-cf25e05ba801" name="Organization vDC Gateway: Convert to Advanced Networking" type="application/vnd.vmware.admin.right+xml"/>
    <RightReference href="https://10.139.112.187/api/admin/right/105191de-9e29-3495-a917-05fcb5ec1ad0" name="Organization vDC Gateway: View L2 VPN" type="application/vnd.vmware.admin.right+xml"/>
    <RightReference href="https://10.139.112.187/api/admin/right/eeb2b2a0-33a1-36d4-a121-6547ad992d59" name="Organization vDC Gateway: Configure L2 VPN" type="application/vnd.vmware.admin.right+xml"/>
      <RightReference href="https://10.139.112.187/api/admin/right/b755b050-772e-3c9c-9197-111c286f563d" name="Organization vDC Gateway: Configure Firewall" type="application/vnd.vmware.admin.right+xml"/>
            <RightReference href="https://10.139.112.187/api/admin/right/b0cfe989-521b-3d7f-9bc2-f23c74a99633" name="Organization vDC Network: Edit Properties" type="application/vnd.vmware.admin.right+xml"/>
            <RightReference href="https://10.139.112.187/api/admin/right/2c8d98ef-4acc-3be4-9214-fcb9682b7a19" name="Organization vDC Network: View Properties" type="application/vnd.vmware.admin.right+xml"/>
    
    </OrgRights>
  6. Send a PUT request to add the new permissions.
    PUT https://{{vcdServer}}/api/admin/org/Organization_ID/rights

    Use the Organization_ID obtained in Step 2.

What to do next

  • After the new permissions are added you can proceed to enable advance gateway networking and VDC network subinterface in the vCloud Director Web console menu.