An organization administrator can add static routes between two vApp networks that are routed to different organization vDC networks. Static routes allow traffic between the networks.

You cannot add static routes between overlapping networks or fenced vApps. After you add a static route to an organization vDC network, configure the network firewall rules to allow traffic on the static route. For vApps with static routes, select the Always use assigned IP addresses until this vApp or associated networks are deleted check box.

Static routes only function when the vApps included in the routes are running. If you change the parent network of a vApp, delete a vApp, or delete a vApp network, and the vApp includes static routes, those routes cannot function and you must remove them manually.

Verify that you have the following items:

vShield Manager 5.1.

Two organization vDC networks routed to the same external network.

Static routing is enabled on both organization vDC networks.

A vApp network is routed to each organization vDC network.

The vApp networks are in vApps that were started at least once.

1

Click Administration and select the organization vDC.

2

Click the Org vDC Networks tab, right-click the organization vDC network name, and select Configure Services.

3

Click the Static Routing tab and click Add.

4

Type a name, network address, and next hop IP address.

The network address is for the vApp network to which you want to add a static route. The next hop IP address is the external IP address of the router for the organization vDC network to which that vApp network is routed.

5

Select To external network and click OK.

6

Click Add.

7

Type a name, network address, and next hop IP address.

The network address is for the vApp network that is routed to this organization vDC network. The next hop IP address is the external IP address of the router for that vApp network.

8

Select Within this network and click OK.

9

Repeat Step 2 through Step 8 to add static routes to the second organization vDC network.

vApp Network 1 is routed to Org vDC Network 1. vApp Network 2 is routed to Org vDC Network 2. You can create static routes on the organization vDC networks to allow traffic between the vApp networks. You can use information about the vApp networks and organization vDC networks to create the static routes.

Network Information

Network Name

Network Specification

Router External IP Address

vApp Network 1

192.168.1.0/24

192.168.0.100

vApp Network 2

192.168.11.0/24

192.168.10.100

Org vDC Network 1

192.168.0.0/24

10.112.205.101

Org vDC Network 2

192.168.10.0/24

10.112.205.100

On Org vDC Network 1, create a static route to vApp Network 2 and another static route to vApp Network 1. On Org vDC Network 2, create a static route to vApp Network 1 and another static route to vApp Network 2.

Static Routing Settings for Org vDC Network 1

Static Route to Network

Route Name

Network

Next Hop IP Address

Route

vApp Network 2

tovapp2

192.168.11.0/24

10.112.205.100

To external network

vApp Network 1

tovapp1

192.168.1.0/24

192.168.0.100

Within this network

Static Routing Settings for Org vDC Network 2

Static Route to Network

Route Name

Network

Next Hop IP Address

Route

vApp Network 1

tovapp1

192.168.1.0/24

10.112.205.101

To external network

vApp Network 2

tovapp2

192.168.11.0/24

192.168.10.100

Within this network

Create firewall rules to allow traffic on the static routes.