To stretch your network using L2 VPN, you configure an L2 VPN server (destination Edge) and an L2 VPN client (source Edge). You must then enable the L2 VPN service on both the server and the client.

A sub interface must have been added on a trunk interface of the NSX Edge. See Add a Sub Interface.


Configuring L2 VPN according to best practices can avoid problems such as looping and duplicate pings and responses.


The L2 VPN server is the destination NSX Edge to which the client is to be connected.


You can connect multiple sites to the L2 VPN server.


You must enable the L2 VPN service on the L2 VPN server (destination NSX Edge). If HA is already configured on this Edge appliance, ensure that Edge has more than one internal interface configured on it. If only a single interface is present and that has already been used by HA, L2 VPN configuration on the same internal interface will fail.


The L2 VPN client is the source NSX Edge that initiates communication with the destination Edge (L2 VPN server).


You must enable the L2 VPN service on the L2 VPN client (source NSX Edge).