You can create a VPN tunnel between two organization vDC networks in different organizations. The organizations can be part of the same vCloud Director installation or a different installation.

Both system administrators and organization administrators can create VPN tunnels.

If there is a firewall between the tunnel endpoints, you must configure it to allow the following IP protocols and UDP ports:

IP Protocol ID 50 (ESP)

IP Protocol ID 51 (AH)

UDP Port 500 (IKE)

UDP Port 4500

A routed organization vDC network in each of the organizations. The organization vDC networks must have non-overlapping IP subnets and site-to-site VPN enabled.

vShield Manager 5.1.

1

Click the Manage & Monitor tab and click Organization vDCs in the left pane.

2

Double-click the organization vDC name to open the organization vDC.

3

Click the Edge Gateways tab, right-click the edge gateway name and select Edge Gateway Services.

4

Click the VPN tab and click Add.

5

Type a name and optional description.

6

Select a network in another organization from the drop-down menu.

7

Click Connect to another organization, type the login information for the peer organization, and click Continue.

Option

Description

vCloud URL

The base URL of the vCloud instance that contains the peer organization. For example, https://www.example.com. Do not include /cloud or /cloud/org/orgname in the URL.

Organization

The organization name that is used as the unique identifier in the organization URL. For example, if the organization URL is https://www.example.com/cloud/org/myOrg, type myOrg.

Username

The user name of an organization administrator or system administrator that has access to the organization.

Password

The password associated with the user name.

8

Select a peer network.

9

Review the tunnel settings and click Connect.

vCloud Director configures both peer network endpoints.