In Part 2 of this series, we demonstrated how to establish single-site and multi-site VPNs in vShield Edge. In this final part of our three-part series, we will walk through establishing an Enterprise-to-Site VPN. This involves configuring the VPN appliance at the enterprise location, which may be a bit more complex. Follow the manufacturer’s instructions before establishing the VPN from the vShield Edge appliance.
1. First, configure an IPsec VPN on the physical appliance at the enterprise site. Use shared secret authentication and capture the shared secret to use for configuring the vShield Edge appliance later on. vShield Edge supports certificate-based authentication, but the interface provided to organization administrators does not. If certificate-based authentication is necessary, the cloud service provider must set up the VPN manually.
2. To enable the site-to-site VPN, open the Configure Services dialog from the virtual datacenter’s external network.
3. Set up the VPN to “A Remote Network” and give it a descriptive name. Fill in the descriptions for the enterprise VPN appliance, select an encryption protocol to match the enterprise VPN appliance’s setup, and provide the shared secret that was captured during the enterprise appliance setup.
4. Once the site-to-site VPN is set up, the tunnel status should be reported as Operational in the Configure Services dialog.
In sum, the industry-standard, IPsec-based VPN functionality of vShield Edge helps providers of vCloud Powered services allow enterprises to fully utilize public clouds without security concerns. vShield Edge allows virtual datacenters to seamlessly connect with the same level of security in both their cloud and physical deployments. Additionally, customers use a self-service interface to support their own security needs, and with chargeback mechanisms in place, providers of vCloud Powered services can effectively attract more business while building stronger relationships with customers.
Log on to Partner Central and download the whitepaper to learn more. For more information and updates visit vShield Edge and vCloud Director and follow us on Twitter @vCloud and @VMwareSP for the latest news!