Home > GUI > Devices > VGVA Port Settings
Logo

VGVA Port Settings

VGVA Port Settings

Configure port settings for a VGVA (VPN Gateway Virtual Appliance. Save changed VGVA port settings, and optionally update the VGVA immediately.

Navigation

Navigate using the tab icons. Hover over an icon to see the name of the tab.

Manage  > Devices > vgva_name  > Configuration > Port Configuration

Depending on the VGVA deployment, you might not use only Eth0 (WAN) interface or the Eth0 and Eth1 (LAN) interfaces.

To configure the ETH0 and ETH1 interfaces, enter the following:

ETH0 (WAN): (Enabled: ON) Enter the IP address/netmask and default gateway address for the Eth0 (WAN) interface.

ETH1 (LAN): To use the ETH1 (LAN), move the Enabled toggle to ON and enter its IP address/netmask. To disable it, toggle it OFF.

Select Save.

After ExtremeCloud IQ saves your changes, you can update the VGVA device immediately by selecting Update Now in the upper-right of the window. In the Device Update dialog box, select the type of update, and then save your selection by selecting Save as Defaults. To update the VGVA device immediately, select Perform Update.

VGVA Interfaces and ESXi Virtual Networks

VGVA (VPN Gateway Virtual Appliance) runs on an ESXi hypervisor. You also need to install VMware vSphere Client on your management system and use it to access the ESXi hypervisor and VGVA. Computers running Windows support vSphere Client.

Note

Note

VMware provides release notes for each version of vSphere. For example, the release notes for vSphere 6.5 are available at https://docs.vmware.com/en/VMware-vSphere/6.5/rn/vsphere-esxi-vcenter-server-65-release-notes.html.

By default, ESXi has two virtual networks: Management Network and VM Network. Both networks are bound to the vSwitch0 virtual switch, which in turn connects to the vmnic0 physical adapter. The management interface (vmk0) for the ESXi hypervisor is bound to the management virtual network. For ease of reference, you rename the VM network “LAN Network” because you cable the vmnic0 physical adapter to the LAN segment of your network. You then create a second virtual network and name it “WAN Network” and bind it to the vSwitch1 virtual switch. You connect vSwitch1 to the vmnic1 physical adapter, which in turn you cable to the WAN segment of your network. When you deploy the VGVA VM, you bind its Eth1 interface to the LAN virtual network and Eth0 to the WAN virtual network.

Image of VGVA interfaces and ESXi virtual networks

VGVA Using One Interface

You can set up the VGVA to use the Eth0 (WAN) interface only. Connect it to the VM network, which links to the vmnic0 physical adapter, which in turn is cabled to the firewall interface in the DMZ. Create a second virtual network for the Eth1 (LAN) interface but, because it is unused, do not bind it to anything. In this case, the device hosting the VGVA needs only one physical network adapter as shown below:

Image of VGVA using only the ETH0 (WAN) interface

VGVA Using Two Interfaces

You can also set up the VGVA to use two Ethernet interfaces. Bind Eth0 (WAN) and Eth1 (LAN) to different virtual networks, which link to separate physical adapters—Eth0 to vmnic0 and Eth1 to vmnic1. In this case, the physical host must have at least two adapters as shown below:

Image of VGVA using the ETH0 (WAN) and ETH1 (LAN) interfaces

Copyright © 2020 Extreme Networks. All rights reserved. Published March 2020.