0

Practical NSX: L2 VPN

Another feature of the NSX edge is L2VPN which enable stretching layer 2 subnet over layer 3 networks. VLAN to VLAN, VXLAN to VXLAN, VLAN to VXLAN, VXLAN to VLAN are all supported configuration.

One site is configured as the L2 VPN Server and the other as the L2 VPN Client. Let’s set this up.

Below is the envirement we will be working with.

Setting up the server side

Double click on your edge > Manage > Settings > Intefaces

The first interface will be an outside facing interface connected to the “vms” portgroup

The second interface will be a trunk interface with a sub-interface configured. Please note: L2VPN-SERVER is a portgroup on my DVS, l2vpn-server is the logical switch that is connected to my VMs.

Now navigate to Manage > VPN > L2VPN

Check the server L2VPN mode, then choose your listener IP and your encryption.

Now let’s setup the site configuration

Choose a user id and a password and add the sub-interface created ealier.

Enable the service and pubish the changes.

Setting up the client side

You will be creating similar interfaces to the ones we created on the server side.

Double click on your edge > Manage > Settings > Intefaces

One the interfaces created, navigate to Manage > VPN > L2VPN

Check the client L2VPN mode then choose your listener IP and your encryption.

Enter the same user id and password that you used on the server side and add the sub-interface. Finally enable the service.

If evertthing has been enabled correctly your vpn should be showing a status of up.

Our test vms should also be able to ping each other.

You can also check your VPN statistics from any of your edges

I hope this post has been informative, please be social share (:

How useful was this post?

Click on a star to rate it!

Average rating / 5. Vote count:

Sharing is caring!

Related Post

Leave a Reply

Your email address will not be published. Required fields are marked *