VMware Networking Community
aigiorgi
Contributor
Contributor
‎12-04-2014 11:55 PM
Jump to solution

NSX L2VPN compatibility

Hi everybody:

The NSX ICM student guide say about IPSEC (L3VPN)

Industry standard IPsec implementation:

  Full interoperability with Cisco, Juniper, Sonicwall, and others

I'm looking for a list of compatible vendors with L2VPN

Do you know or have you tested L2VPN with a third party appliance?

Can you tell me the brand and model/version of the third party appliance?

I'm pretty sure it it possible to connect with almost any because is a very simple technology and is an standard, but I want to be sure.

Thanks in advance

Al

Tags (3)
Reply
1 Solution

Accepted Solutions
ddesmidt
VMware Employee
VMware Employee
‎12-08-2014 02:30 AM
Jump to solution

For IPsec, we adhere to standard Ipsec and IKE RFCs (IKEv1). We have tested interop against Cisco, Juniper and sonicwall products (There are config example with Cisco 2812 + Cisco ASA 5510 + WatchGuard Firebox X500 in the Admin Guide too).


However L2VPN is using proprietary tunneling protocol and not using L2TP or GRE or standard tunneling protocols. The functionality is developed by extending SSLVPN engine of edge; therefore L2VPN uses SSL as transport. And so there is no interop with our SSLVPN & L2VPN since it is proprietary implementation.

Note: For L2VPN, you do not need NSX at the remote location. You deploy only the unmanaged standalone Edge Client.


Dimitri

View solution in original post

Reply
2 Replies
ddesmidt
VMware Employee
VMware Employee
‎12-08-2014 02:30 AM
Jump to solution

For IPsec, we adhere to standard Ipsec and IKE RFCs (IKEv1). We have tested interop against Cisco, Juniper and sonicwall products (There are config example with Cisco 2812 + Cisco ASA 5510 + WatchGuard Firebox X500 in the Admin Guide too).


However L2VPN is using proprietary tunneling protocol and not using L2TP or GRE or standard tunneling protocols. The functionality is developed by extending SSLVPN engine of edge; therefore L2VPN uses SSL as transport. And so there is no interop with our SSLVPN & L2VPN since it is proprietary implementation.

Note: For L2VPN, you do not need NSX at the remote location. You deploy only the unmanaged standalone Edge Client.


Dimitri

Reply
aigiorgi
Contributor
Contributor
‎12-08-2014 08:47 PM
Jump to solution

Thank you Dimitri

I didn't know about the unmanaged standalone Edge Client

Very interesting


Alberto


Reply
0 Kudos