Using the edge gateway, you can set up a tunnel between a local subnet and a peer subnet.


If you connect to a remote site via IPsec VPN, the IP address of that site cannot be learned by Dynamic Routing on the uplink of the edge gateway.


You can specify on a global level how your IPsec VPN connection to vCloud Air uses certificate authentication and a pre-shared key.


This procedure provides the steps to create an IPsec VPN connection between vCloud Air and a remote site. In this procedure, you configure the vCloud Air side of the connection.