If the edge gateway for your vCloud Director organization virtual datacenter has been converted to an advanced edge gateway, you can use the tenant portal to configure the VPN capabilities that are provided by the NSX software for those advanced edge gateways. You can configure VPN connections to your organization virtual datacenter using an SSL VPN-Plus tunnel, an IPsec VPN tunnel, or an L2 VPN tunnel.

As described in the NSX Administration Guide, the NSX edge gateway supports these VPN services:

  • SSL VPN-Plus, which allows remote users to access private corporate applications.

  • IPsec VPN, which offers site-to-site connectivity between an NSX edge gateway and remote sites which also have NSX or which have third-party hardware routers or VPN gateways.

  • L2 VPN, which allows extension of your organization virtual datacenter by allowing virtual machines to retain network connectivity while retaining the same IP address across geographical boundaries.

In a vCloud Director environment, you can create VPN tunnels between:

  • Organization virtual datacenter networks on the same organization

  • Organization virtual datacenter networks on different organizations

  • Between an organization virtual datacenter network and an external network

Note:

vCloud Director does not support multiple VPN tunnels between the same two edge gateways. If there is an existing tunnel between two edge gateways and you want to add another subnet to the tunnel, delete the existing VPN tunnel and create a new one that includes the new subnet.

After you configure VPN tunnels for an edge gateway, you can use a VPN client from a remote location to connect to the organization virtual datacenter that is backed by that edge gateway.