Aviatrix Gateway to Aviatrix Gateway
This section describes how to configure an IPsec tunnel between an Aviatrix Gateway and another Aviatrix Gateway using Aviatrix Site2Cloud.
There are only a couple of reasons to use Site2Cloud when connecting two Aviatrix Gateways:
Deployment
There are two Aviatrix Gateways in this scenario. Since you are using the Site2Cloud feature, you must configure each side of the tunnel individually.
In this procedure the gateways are referred to as Gateway A and Gateway B. You can pick either gateway to be Gateway A or Gateway B.
Configure Tunnel from Gateway A to Gateway B
- Follow the steps in Site2Cloud Configuration Workflow to create a Mapped or Unmapped external (Site2Cloud) connection. Use this table for specific field values.

  | Field | Description |
  | --- | --- |
  | Connect Public Cloud to | External Device: Static Route-Based/Static Route-Based (Mapped)/Static Policy-Based/Static Policy-Based (Mapped) |
  | Local Gateway | Select Gateway A from the dropdown. |
  | Remote Gateway Type | Aviatrix |
  | Remote Gateway IP | Enter the public IP address of Gateway B. |
  | Pre-shared Key | Leave blank and Aviatrix will generate one. |

- Click Save.
- Once complete, click the vertical ellipsis menu next to the new external connection and select Download Configuration.
- Select Aviatrix for Vendor, UCC for Platform and 1.0 for Software.
- Click Download. You can use the information in this file to create the other side of the tunnel.
Configure Tunnel from Gateway B to Gateway A
- Go to Networking > Connectivity > External Connections (S2C).
- Create a new external connection using the information from the downloaded configuration file. Use this table for specific values:

  | Field | Description |
  | --- | --- |
  | Connect Public Cloud to | External Device: Static Route-Based/Static Route-Based (Mapped)/Static Policy-Based/Static Policy-Based (Mapped) |
  | Local Gateway | Select Gateway B from the dropdown. |
  | Remote Gateway Type | Aviatrix |
  | Remote Gateway IP | Enter the public IP address of Gateway A. |
  | Pre-shared Key | Leave blank and Aviatrix will generate one. |

- Click Save.
Test
Once complete, you can check tunnel status at Diagnostics > Cloud Routes > External Connections.
Troubleshoot
Wait 2-3 minutes for the tunnel to come up. If it does not come up within that time, check the IP addresses to confirm they are accurate. Additional troubleshooting is available at Diagnostics > Diagnostic Tools.