introduction

This is a working example of an IPsec tunnel between a vCloud edge and an NSX-V edge.

Side 1 is the vCloud edge of a vCloud tenant.

Side 2 is the CCB NSX-V edge from NLvc01.

The important part is the combination of encryption, authentication and digest settings (IKE, Diffie-Hellman group, ..).

See "How to create a s2s vpn tunnel in vCloud Director" for an explanation of the values.

IPsec tunnel name: TF_monitoring

Tenant WAN IP: 185.105.202.33

Tenant LAN subnet: 10.0.1.96/27

CCB WAN IP: 5.172.216.45

CCB LAN subnet: 10.38.18.0/24

procedure

side 1 configuration: vCloud tenant side

IPsec configuration

Enable the IPsec VPN Service Status.

Add an IPsec VPN site.

firewall configuration

Add an additional VPN rule to allow traffic initiated from the remote site (the central site in this case).

You will need another rule for traffic initiated from the local site.


side 2 configuration: NSX-V CCB side

CCB edge is located on https://nlvc01.mgmt.cloudnet.services

IPsec configuration

Add a new IPsec VPN site in CCB-NSX-EDGE01.

- Click Save.

firewall configuration

A general rule already exists for traffic initiated from the local site.

check the tunnel status

Click Show Statistics.

- Enabled is green.

- 1 tunnel is up, 0 tunnels are down.

The tunnel is OK.
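
When the tunnel does not come up, the usual cause is that the two site definitions do not mirror each other. The following check is an added example, not part of the original procedure: it compares the two sides' settings, using the addresses from the table above. The field names, the crypto values and the list of weak algorithms are assumptions of the example, not the settings of the real tunnel.

```python
import ipaddress

# Settings that must be identical on both edges, or negotiation fails.
MUST_MATCH = ("ike_version", "encryption", "digest", "dh_group", "pfs")
# Values this example treats as too weak for a new tunnel (assumption).
WEAK = {"encryption": {"3DES"}, "digest": {"SHA1"}, "dh_group": {"DH2", "DH5"}}

def nets(subnets):
    return {ipaddress.ip_network(s) for s in subnets}

def check_tunnel(side1, side2):
    """Return a list of problems; an empty list means the two sites agree."""
    problems = []
    for field in MUST_MATCH:
        if side1[field] != side2[field]:
            problems.append(f"{field} mismatch: {side1[field]} vs {side2[field]}")
        elif side1[field] in WEAK.get(field, ()):
            problems.append(f"{field} is weak: {side1[field]}")
    # Each side's local endpoint and subnets must be the other side's peer values.
    for a, b in ((side1, side2), (side2, side1)):
        if a["local_ip"] != b["peer_ip"]:
            problems.append(f"{a['name']} local IP is not {b['name']} peer IP")
        if nets(a["local_subnets"]) != nets(b["peer_subnets"]):
            problems.append(f"{a['name']} local subnets differ from {b['name']} peer subnets")
    # Overlapping LAN ranges make the traffic selectors ambiguous.
    for n1 in nets(side1["local_subnets"]):
        for n2 in nets(side2["local_subnets"]):
            if n1.overlaps(n2):
                problems.append(f"LAN subnets overlap: {n1} and {n2}")
    return problems

# Addresses and subnets are the ones in the table above; the crypto values
# are constructed placeholders, not the settings of the real tunnel.
CRYPTO = {"ike_version": "IKEv2", "encryption": "AES256", "digest": "SHA256",
          "dh_group": "DH14", "pfs": True}
TENANT = dict(CRYPTO, name="tenant", local_ip="185.105.202.33",
              peer_ip="5.172.216.45", local_subnets=["10.0.1.96/27"],
              peer_subnets=["10.38.18.0/24"])
CCB = dict(CRYPTO, name="CCB", local_ip="5.172.216.45",
           peer_ip="185.105.202.33", local_subnets=["10.38.18.0/24"],
           peer_subnets=["10.0.1.96/27"])

if __name__ == "__main__":
    for problem in check_tunnel(TENANT, CCB) or ["no mismatches found"]:
        print(problem)
```

Fill the two dictionaries with the values shown in each edge's IPsec VPN site dialog before saving either side.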