Here are the steps to set up your networking:

To begin using VMware Cloud on AWS to run workloads in your SDDC, you'll need to set up a network connecting your on-premises data center to the SDDC. This network can include a dedicated connection over AWS Direct Connect, an IPSec VPN, or both. While routing IPSec VPN traffic over Direct Connect can provide better performance at lower costs, you can start by setting up an IPSec VPN that connects to your SDDC over the Internet, then reconfigure that VPN to use Direct Connect later.

When you open the Networking and Security tab of a new SDDC, you can run the Setup Networking and Security wizard to guide you through the steps needed to configure Direct Connect and a VPN, access the vCenter in your SDDC, and change the default DNS server if you want to. If you just want to set up a route-based VPN connecting your on-premises data center to your SDDC over the Internet, you can follow these steps.

Create a Route-Based VPN
A route-based VPN creates an IPsec tunnel interface and routes traffic through it as dictated by the SDDC routing table. A route-based VPN provides resilient, secure access to multiple subnets. When you use a route-based VPN, new routes are added automatically when new networks are created.

Create an On-Premises IPsec VPN
Configuration of the gateway device in your on-premises data center might need to be performed by a member of your networking team. Consult the documentation for your gateway or firewall device to learn how to configure it to match the VPN settings you've configured.

Create a Network Segment
Network segments are logical networks for use by workload VMs in the SDDC.

Add or Modify Management Gateway Firewall Rules
By default, the management gateway blocks traffic to all destinations from all sources. Add Management Gateway firewall rules to allow traffic as needed.

Configure Management Network Private DNS
Specify the addresses of your private DNS servers so that the management gateway, ESXi hosts, and management VMs resolve fully-qualified domain names (FQDNs) to IP addresses on the management network.