Professional Documents
Culture Documents
David Davis
VirtualizationSoftware.com
@DavidMDavis
Understanding Requirements
Hardware
Any IPSec VPN-capable firewall/router/VPN hardware device
Pros: dedicated, offloaded
Cons: cost, configuration complexity
Examples: Cisco, Fortinet, Sonicwall, and others
Software
Any IPSec VPN-capable virtual firewall/router/VPN software solution
Pros: ease of configuration, low cost
Cons: dependent on virtual infrastructure, shared resources
Examples: vCloud Networking and Security (vCNS, formerly vShield), pfSense, and others
Network Diagram
Internet
Net 10.0.1.0/24
GW 10.0.1.1
Public IP 2.2.2.2
VM net config IPSec Tunnel Passes Net 10.0.0.0/24
IP 10.0.1.20 /24 IPSec Tunnel Passes Allow 10.0.1.0/24 to GW 10.0.0.1
DG 10.0.1.1 Allow 10.0.0.0/24 to 10.0.0.0/24 Public IP 1.1.1.1
DNS 10.0.1.254 10.0.1.0/24
VM net config
IP 10.0.0.20 /24
DG 10.0.0.1
DNS 10.0.0.254
Creating a site-to-site VPN between vSphere and vCHS
The VPN solution you chose shouldnt change the end result
That is a secure hybrid cloud between vSphere and vCHS Interconnected resources
with interconnected resources
Be prepared to troubleshoot!
Summary
Understanding requirements