Get full access to VMware NSX Cookbook and 60K+ other titles, with a free 10-day trial of O'Reilly.

There are also live events, courses curated by job role, and more.

How it works...

For the IPSEC VPN tunnel to be established, you and the peer must agree on a few parameters; these are the following:

Endpoint IP addresses of one another
Encryption algorithm to use
Peer subnets and local subnets that will be secured over the VPN
Authentication type and parameter—in this case, a Pre-Shared Key
Diffie-Hellman group

Once these parameters are agreed upon by both ends, each endpoint will go through phase 1 and 2 of establishing the VPN tunnel. If one of these parameters does not match on either side of the tunnel, then the tunnel will fail to be established.

It is commonly overlooked, but IPSEC VPN tunnels can only be created on the IP address associated to an Uplink interface and do not support internal interface ...

Get VMware NSX Cookbook now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Don’t leave empty-handed

Get Mark Richards’s Software Architecture Patterns ebook to better understand how to design components—and how they should interact.

It’s yours, free.

Get it now

Check it out now on O’Reilly

Dive in for free with a 10-day trial of the O’Reilly learning platform—then explore all the other resources our members count on to build skills and solve problems every day.

Start your free trial Become a member now