BILLmanager 5 Documentation
Documentation
/
BILLmanager 5 Documentation
/
Services provisioning
/
Virtual data center
/
Integration with VMware vCloud Director
/
Network management. VMware
/
IPSec VPN

IPSec VPN

IPSec VPN is used for creating a Virtual Private Network (VPN). In BILLmanager you can configure VPN between organization routers and between an organization network and a VPN-gateway. Navigate to Products/Services  Virtual DC  Routers IPsec VPN Add

Note:
If your network is behind the NAT, enter its public IP address in Products/Services  Virtual DC  Routers IPsec VPN IP addresses

Enter the following parameters:

  • Tunnel name;
  • Description; 
  • Connection type — select a VPN-tunnel type:
    • To organization network — VPN between routers of one organization. In VMware it is called "a network in this organization"; 
    • To remote network — VPN between an organization and a remote VPN-gateway.  In VMware, it is called "a remote network". 

Connecting to an organization network

Enter the following parameters:

  • Router — select an organization network router for which the VPN-tunnel will be created; 
  • Local/External networks — select networks that will be included in the VPN; 
  • Local/External connection point — set the IP-address of the local/external network routers;
  • Encryption protocol; 
  • Encryption key; 
  • MTU — the size of the maximum transmission unit. 

Connecting to a remote network

Enter the following parameters:

  • Local networks — select a local network connected to the router and used in VPN-connection; 
  • External networks — select a network connected to the external VPN-gateway; 
  • Local connection point — select a network to connect to the external VPN-gateway. Usually, the external network (Internet) is used;
  • Local ID — VPN unique identifier in the local network; 
  • External ID — VPN unique identifier in the public network  (Internet); 
  • External IP address — enter an external IP address of the remote network router;
  • Encryption protocol; 
  • Encryption key; 
  • MTU — the size of the maximum transmission unit.

Configuration rules

  • you cannot create two VPN-channels with the same source and destination connection points; 
  • local and external ID VPN must not repeat; 
  • an external IP address must not match the external IP address of the load balancing server;
  • VPN  external IP address must not be included in the source range of IP addresses of the DNAT rule.

VPN deletion rules: 

  • deleting the VPN will automatically delete its connection to networks;
  • "network-network" VPN connections are deleted as follows: deleting one VPN will automatically delete the second one.