Prerequisites for Aviatrix Secure Edge Deployment on VMware ESXi and KVM

The following are the prerequisites to deploy an Aviatrix Edge Gateway for on-premises on customer managed VMware ESXi and KVM.

1. Aviatrix Controller Requirement

Upgrade to latest version of the Aviatrix Controller 7.1.

2. Ensure Edge Gateway Requirements

Ensure that you have sufficient resources to run the Edge Gateway and the network port access for the Edge Gateway to communicate with the Aviatrix Controller, Aviatrix CoPilot, and the Aviatrix Transit Gateway.

3. Ensure VMware ESXi and KVM Requirements

Ensure the following requirements are met.

  • VMware ESXi

    • OVA image for VMware ESXi (see Downloading the Aviatrix Secure Edge Image File).

    • VMware ESXi 6.7 or 7.0.1

    • (Optional) VMware vCenter Server

      For information about installing VMware products, refer to the VMware product documentation.

  • KVM

    • QCOW2 image for KVM (see Downloading the Aviatrix Secure Edge Image File).

    • KVM server running in Linux Bare Metal Server

    • CentOS 7.6-1810

    • QEMU Version 1.5.3, Release 160.el7_6.3

      For information about installing KVM products, refer to KVM product documentation.

4. Download the Aviatrix Secure Edge Image File

Before you begin the deployment of the Edge Gateway, download the Aviatrix Secure Edge image file from the Aviatrix Support Portal. You will use the image file to deploy the Aviatrix Secure Edge virtual machine.

  1. Log in to the Aviatrix Support Portal: <https://support.aviatrix.com>_.

  2. From the top navigation menu, click on Downloads.

  3. Answer the questions that are presented, then click Download next to the image that you want.

    The Aviatrix Secure Edge image file downloads to your Downloads folder.

5. Obtain Edge Gateway Interface IP Configurations

Obtain the Edge Gateway interface configuration details. You will need to provide the following information during Edge Gateway creation to configure the Edge Gateway interfaces.

Setting Description

WAN Interface IP/Mask

The WAN IP address.

WAN Default Gateway

The Default Gateway IP address for the WAN interface.

LAN Interface IP/Mask

The LAN IP address.

LAN Default Gateway

The Default Gateway IP address for the LAN interface.

Management Interface IP/Mask

The Management IP address.

Not required for DHCP.

Management Default Gateway

The Default Gateway IP address for the Management interface.

Not required for DHCP.

Management Egress IP

The Management Egress IP address to be allowed in the Controller Security Group.

Primary DNS Server

The Primary DNS server IP address for the Management interface.

Not required for DHCP.

Secondary DNS Server

The Secondary DNS server IP address for the Management interface.

Not required for DHCP.

VRRP

The VRRP IP address.

Not required if not using VRRP.

VRRP can be configured only if HA gateway is configured.

VLAN ID

The VLAN ID for each VLAN segment.

VLAN IP

The VLAN IP address for each VLAN segment.

VLAN Default Gateway

The Default Gateway IP address for each VLAN segment.

6. Ensure the Transit Gateway BGP ASN is Configured

For Edge Gateway attachment to the Aviatrix Transit Gateway, ensure the Transit Gateway BGP ASN is configured. High-Performance Encryption (HPE) is optional for Edge Gateway attachments.