An Edge Gateway configuration can define an IPsec virtual private network (VPN) service that secures traffic within an organization, between organization VDC networks, or between an organization VDC network and an external IP address.

An EdgeGateway can contain zero or more GatewayIpsecVpnService elements, each of which defines VPN tunnels and endpoints.

<GatewayIpsecVpnService>
   <IsEnabled>true</IsEnabled>
   <Tunnel>
      <Name>Example VPN Tunnel</Name>
      <Description />
      <IpsecVpnLocalPeer>
         <Id>3786bb05-dc9a-471b-91cd-554499d45629</Id>
         <Name>gw02</Name>
      </IpsecVpnLocalPeer>
      <PeerIpAddress>10.147.46.68</PeerIpAddress>
      <PeerId>C64E127E-5E86-C57C-17ED-EB175A7A1811</PeerId>
      <LocalIpAddress>10.147.46.66</LocalIpAddress>
      <LocalId>6844BBB4-24E6-7A50-0F29-EB175A7AD899</LocalId>
      <LocalSubnet>
         <Name>nw01</Name>
         <Gateway>192.168.1.1</Gateway>
         <Netmask>255.255.255.0</Netmask>
      </LocalSubnet>
      <PeerSubnet>
         <Name>nw02</Name>
         <Gateway>192.168.2.1</Gateway>
         <Netmask>255.255.255.0</Netmask>
      </PeerSubnet>
      <SharedSecret>L3hithJa3zH7K4q2tH...</SharedSecret>
      <SharedSecretEncrypted>false</SharedSecretEncrypted>
      <EncryptionProtocol>AES256</EncryptionProtocol>
      <Mtu>1500</Mtu>
      <IsEnabled>true</IsEnabled>
   </Tunnel>
</GatewayIpsecVpnService>

To add this service to an Edge Gateway, include it in an EdgeGatewayServiceConfiguration. See Example: Configure Services on an Edge Gateway.
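Before a GatewayIpsecVpnService is submitted, its tunnels can be checked for settings that weaken or break the VPN. The following Python check is an added example, not part of the original documentation or of VMware's code; the function names, the approved-cipher policy and the sample values are assumptions made for illustration.

```python
import ipaddress
import xml.etree.ElementTree as ET

# Constructed sample in the layout shown above; every value is a placeholder.
SAMPLE = """<GatewayIpsecVpnService>
  <Tunnel>
    <Name>audit-sample</Name>
    <LocalSubnet><Gateway>192.168.1.1</Gateway><Netmask>255.255.255.0</Netmask></LocalSubnet>
    <PeerSubnet><Gateway>192.168.1.129</Gateway><Netmask>255.255.255.128</Netmask></PeerSubnet>
    <SharedSecret>PLACEHOLDER-SECRET</SharedSecret>
    <SharedSecretEncrypted>false</SharedSecretEncrypted>
    <EncryptionProtocol>AES</EncryptionProtocol>
  </Tunnel>
</GatewayIpsecVpnService>"""

APPROVED_CIPHERS = {"AES256"}  # assumed local policy, not a product rule

def _kids(elem, name):
    # Direct children by local name, so namespaced API responses also match.
    return [c for c in elem if c.tag.rsplit("}", 1)[-1] == name]

def _text(elem, name):
    kids = _kids(elem, name)
    return (kids[0].text or "").strip() if kids else ""

def _networks(tunnel, name):
    nets = []
    for subnet in _kids(tunnel, name):
        gw, mask = _text(subnet, "Gateway"), _text(subnet, "Netmask")
        if gw and mask:
            nets.append(ipaddress.ip_network(f"{gw}/{mask}", strict=False))
    return nets

def audit_ipsec_service(xml_text):
    """Return (tunnel name, finding) pairs for one GatewayIpsecVpnService."""
    root = ET.fromstring(xml_text)  # trusted export; use defusedxml otherwise
    findings = []
    for t in (e for e in root.iter() if e.tag.rsplit("}", 1)[-1] == "Tunnel"):
        name = _text(t, "Name") or "<unnamed>"
        if _text(t, "SharedSecret") and _text(t, "SharedSecretEncrypted").lower() != "true":
            findings.append((name, "SharedSecret present and marked not encrypted"))
        cipher = _text(t, "EncryptionProtocol")
        if cipher not in APPROVED_CIPHERS:
            findings.append((name, f"cipher {cipher or 'unset'} not in approved set"))
        for local in _networks(t, "LocalSubnet"):
            for peer in _networks(t, "PeerSubnet"):
                if local.overlaps(peer):
                    findings.append((name, f"local {local} overlaps peer {peer}"))
    return findings
```

Calling audit_ipsec_service(SAMPLE) returns three findings for the constructed tunnel: the unencrypted shared secret, the cipher outside the assumed policy, and the overlapping local and peer subnets.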