If the edge gateway for your vCloud Director organization virtual data center has been converted to an advanced edge gateway, you can use the tenant portal to configure the VPN capabilities that are provided by the NSX software for those advanced edge gateways. You can configure VPN connections to your organization virtual data center using an SSL VPN-Plus tunnel, an IPsec VPN tunnel, or an L2 VPN tunnel.

As described in the NSX Administration Guide, the NSX edge gateway supports these VPN services:

  • SSL VPN-Plus, which allows remote users to access private corporate applications.

  • IPsec VPN, which offers site-to-site connectivity between an NSX edge gateway and remote sites which also have NSX or which have third-party hardware routers or VPN gateways.

  • L2 VPN, which allows extension of your organization virtual data center by allowing virtual machines to retain network connectivity while retaining the same IP address across geographical boundaries.

In a vCloud Director environment, you can create VPN tunnels between:

  • Organization virtual data center networks on the same organization

  • Organization virtual data center networks on different organizations

  • Between an organization virtual data center network and an external network

Note:

vCloud Director does not support multiple VPN tunnels between the same two edge gateways. If there is an existing tunnel between two edge gateways and you want to add another subnet to the tunnel, delete the existing VPN tunnel and create a new one that includes the new subnet.

After you configure VPN tunnels for an edge gateway, you can use a VPN client from a remote location to connect to the organization virtual data center that is backed by that edge gateway.