asked on
Multiple IPsec VPNs vCloud Director 5.1 -> Cisco ASA
Hello, we are tenants in a vCloud director environment and we have setup two VPNs from our vCloud Organization network (routed to our service provider) to our on-premise network which uses Cisco ASA
The vCloud VPN setup is pretty straightforward: our 192.168.1.0 network is NATed to our providers public IP that they have assigned to us
Now we need to configure one more IPsec VPN from our vCloud, but this time only for one specific host (VM) of our vCloud network.
We can not see this option in vCloud, it seems it can only create site-to-site IPsec VPNs?
I am not sure which is the reason that the other side does not want to set it up as site-to-site VPN, they mentioned that they prefer to have
192.168.0.4/32 -> remote ip 1.2.3.4/32
and
192.168.0.5/32 -> remote ip 1.2.3.5/32
The screenshots of the vCloud VPN configuration look like this:
http://www.datastore365.com/blog/2012/02/configuring-a-vmware-vcloud-director-external-ipsec-site-to-site-vpn-connection-to-a-cisco-asa-firewall/
Maybe I should split my 192.168.1.0/24 network to a /30 , configure the new VPN there, and a /25 for the existing two VPNs ?
In this case would the two new subnets communicate with each other?
The vCloud VPN setup is pretty straightforward: our 192.168.1.0 network is NATed to our providers public IP that they have assigned to us
Now we need to configure one more IPsec VPN from our vCloud, but this time only for one specific host (VM) of our vCloud network.
We can not see this option in vCloud, it seems it can only create site-to-site IPsec VPNs?
I am not sure which is the reason that the other side does not want to set it up as site-to-site VPN, they mentioned that they prefer to have
192.168.0.4/32 -> remote ip 1.2.3.4/32
and
192.168.0.5/32 -> remote ip 1.2.3.5/32
The screenshots of the vCloud VPN configuration look like this:
http://www.datastore365.com/blog/2012/02/configuring-a-vmware-vcloud-director-external-ipsec-site-to-site-vpn-connection-to-a-cisco-asa-firewall/
Maybe I should split my 192.168.1.0/24 network to a /30 , configure the new VPN there, and a /25 for the existing two VPNs ?
In this case would the two new subnets communicate with each other?
VMwareVPNSoftware Firewalls
Last Comment
sk391
ASKER CERTIFIED SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.