The edge gateways in a vCloud Director environment support L2 VPN, which allows extension of your organization virtual datacenter by allowing virtual machines to retain network connectivity while retaining the same IP address across geographical boundaries. If the edge gateway for your organization virtual datacenter has been converted to an advanced edge gateway, you can use the tenant portal's L2 screen to configure the L2 VPN service on that edge gateway.

About this task

The NSX software provides an edge gateway's L2 VPN capabilities. L2 VPN allows you to configure a tunnel between two sites. Virtual machines remain on the same subnet in spite of being moved between these sites, which enables you to extend your organization virtual datacenter by stretching its network using L2 VPN. An edge gateway at one site can provide all services to virtual machines on the other site.

To create the L2 VPN tunnel, you configure an L2 VPN server and L2 VPN client. As described in the NSX Administration Guide, the L2 VPN server is the destination edge gateway and the L2 VPN client is the source edge gateway. After configuring the L2 VPN settings on each edge gateway, you must then enable the L2 VPN service on both the server and the client.


A routed organization virtual datacenter network created as a subinterface must exist on the edge gateways. See the vCloud Director Administrator's Guide for the steps on creating an external routed organization virtual datacenter network.


To use the vCloud Director tenant portal to work with an edge gateway's settings, the edge gateway must be converted to an advanced edge gateway. You can do this on the edge gateway in the vCloud Director Web console or from the tenant portal. For details on performing this step from the tenant portal, see Convert an Edge Gateway to an Advanced Edge Gateway.