VMware NSX

 View Only
  • 1.  [NSX-T] L2 VPN services to third party VPN?

    Posted Aug 26, 2021 07:39 AM

    Hello,

    I need a a kind of simple layer 2 tunnel into a NSX-T segment from another building with minimum bandwith requirement for the tunnel itself (<< 10 Mbit/s). My goal is to get rid off an old BACnet based hardware server, but those BACnet end device need layer 2 connection to the BACnet server. So I actually need a L2 VPN server on NSX-T and a L2 VPN client in the other building.

    According to the administrator manual L2 VPN server is meant to be used with NSX-T edges, only:

    The L2 VPN service support is provided in the following deployment scenarios.
    
        Between an NSX-T Data Center L2 VPN server and an L2 VPN client hosted on an NSX Edge that is managed in an NSX Data Center for vSphere environment. A managed L2 VPN client supports both VLANs and VNIs.
        Between an NSX-T Data Center L2 VPN server and an L2 VPN client hosted on a standalone or unmanaged NSX Edge. An unmanaged L2 VPN client supports VLANs only.
        Between an NSX-T Data Center L2 VPN server and an L2 VPN client hosted on an autonomous NSX Edge. An autonomous L2 VPN client supports VLANs only.
        Beginning with NSX-T Data Center 2.4 release, L2 VPN service support is available between an NSX-T Data Center L2 VPN server and NSX-T Data Center L2 VPN clients. In this scenario, you can extend the logical L2 segments between two on-premises software-defined data centers (SDDCs).

    Has anyone tried setting up a layer 2 tunnel between NSX-T and a third party VPN server (Cisco, Fortinet, ...), i.e. IPsec + .... ?

    Setting up an additional hardware server with NSX-T on it, i.e. NSX Edge bare metal with its CPU/NIC requirements would be way oversized and too expensive. I´d rather need something like "NSX Edge bare metal on Raspberry Pi" instead.

    What would you propose?



  • 2.  RE: [NSX-T] L2 VPN services to third party VPN?

    Broadcom Employee
    Posted Aug 27, 2021 08:23 PM

    Understanding Layer 2 VPN (vmware.com)

    This L2 VPN feature is available only for NSX-T Data Center and does not have any third-party interoperability.



  • 3.  RE: [NSX-T] L2 VPN services to third party VPN?

    Posted Aug 28, 2021 07:30 AM


  • 4.  RE: [NSX-T] L2 VPN services to third party VPN?

    Posted Oct 20, 2021 06:30 AM

    Unfortunately the autonomous edge is only available as OVF. There seems to be no option to run it on a bare metal server.