IPsec VPN Service Configurations

An Edge Gateway configuration can define an IPsec virtual private networking (VPN) service that provides secure connectivity within an organization, between organization VDC networks, or between an organization VDC network and an external IP address.

An EdgeGateway can contain zero or more GatewayIpsecVpnService elements, each of which defines VPN tunnels and endpoints.

IPsec VPN Service in an Edge Gateway

<GatewayIpsecVpnService>
   <IsEnabled>true</IsEnabled>
   <Tunnel>
      <Name>Example VPN Tunnel</Name>
      <Description />
      <IpsecVpnLocalPeer>
         <Id>3786bb05-dc9a-471b-91cd-554499d45629</Id>
         <Name>gw02</Name>
      </IpsecVpnLocalPeer>
      <PeerIpAddress>10.147.46.68</PeerIpAddress>
      <PeerId>C64E127E-5E86-C57C-17ED-EB175A7A1811</PeerId>
      <LocalIpAddress>10.147.46.66</LocalIpAddress>
      <LocalId>6844BBB4-24E6-7A50-0F29-EB175A7AD899</LocalId>
      <LocalSubnet>
         <Name>nw01</Name>
         <Gateway>192.168.1.1</Gateway>
         <Netmask>255.255.255.0</Netmask>
      </LocalSubnet>
      <PeerSubnet>
         <Name>nw02</Name>
         <Gateway>192.168.2.1</Gateway>
         <Netmask>255.255.255.0</Netmask>
      </PeerSubnet>
      <SharedSecret>L3hithJa3zH7K4q2tH...</SharedSecret>
      <SharedSecretEncrypted>false</SharedSecretEncrypted>
      <EncryptionProtocol>AES256</EncryptionProtocol>
      <Mtu>1500</Mtu>
      <IsEnabled>true</IsEnabled>
   </Tunnel>
</GatewayIpsecVpnService>

To add this service to an Edge Gateway, include it in an EdgeGatewayServiceConfiguration. See Configure Services on an Edge Gateway.
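
An added example, not part of the vCloud documentation: a Python check that parses a GatewayIpsecVpnService document in the format shown above and flags tunnels whose SharedSecretEncrypted is not true, whose EncryptionProtocol falls outside an allow-list, or whose local and peer subnets overlap. The function names, the allow-list policy and the sample XML are assumptions constructed for illustration.

```python
import ipaddress
import xml.etree.ElementTree as ET

ALLOWED_CIPHERS = {"AES256"}  # assumed local policy, not a vCloud rule

# Constructed sample in the page's format; names, subnets and secrets are made up.
SAMPLE = """<GatewayIpsecVpnService><IsEnabled>true</IsEnabled>
 <Tunnel><Name>site-a</Name>
  <LocalSubnet><Gateway>192.168.1.1</Gateway><Netmask>255.255.255.0</Netmask></LocalSubnet>
  <PeerSubnet><Gateway>192.168.2.1</Gateway><Netmask>255.255.255.0</Netmask></PeerSubnet>
  <SharedSecret>constructed-placeholder</SharedSecret>
  <SharedSecretEncrypted>false</SharedSecretEncrypted>
  <EncryptionProtocol>AES256</EncryptionProtocol><IsEnabled>true</IsEnabled></Tunnel>
 <Tunnel><Name>site-b</Name>
  <LocalSubnet><Gateway>192.168.1.1</Gateway><Netmask>255.255.255.0</Netmask></LocalSubnet>
  <PeerSubnet><Gateway>192.168.1.129</Gateway><Netmask>255.255.255.128</Netmask></PeerSubnet>
  <SharedSecret>constructed-placeholder</SharedSecret>
  <SharedSecretEncrypted>true</SharedSecretEncrypted>
  <EncryptionProtocol>TRIPLEDES</EncryptionProtocol><IsEnabled>true</IsEnabled></Tunnel>
</GatewayIpsecVpnService>"""


def _net(subnet):
    """Build an ip_network from a LocalSubnet/PeerSubnet element."""
    spec = f"{subnet.findtext('Gateway')}/{subnet.findtext('Netmask')}"
    return ipaddress.ip_network(spec, strict=False)


def audit_vpn_service(xml_text):
    """Return (tunnel name, finding) pairs for every Tunnel, enabled or not."""
    service = ET.fromstring(xml_text)
    for el in service.iter():  # drop any XML namespace so plain tag names match
        el.tag = el.tag.rsplit("}", 1)[-1]
    findings = []
    for tunnel in service.findall("Tunnel"):
        name = tunnel.findtext("Name", "(unnamed)")
        if tunnel.findtext("SharedSecretEncrypted", "false").strip().lower() != "true":
            findings.append((name, "shared secret not marked encrypted"))
        cipher = tunnel.findtext("EncryptionProtocol", "").strip()
        if cipher not in ALLOWED_CIPHERS:
            findings.append((name, f"cipher {cipher or 'unset'} not in policy"))
        local = [_net(s) for s in tunnel.findall("LocalSubnet")]
        peer = [_net(s) for s in tunnel.findall("PeerSubnet")]
        if any(a.overlaps(b) for a in local for b in peer):
            findings.append((name, "local and peer subnets overlap"))
    return findings


if __name__ == "__main__":
    for tunnel_name, finding in audit_vpn_service(SAMPLE):
        print(f"{tunnel_name}: {finding}")
```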