11/9/2022 0 Comments Pritunl aws cost![]() ![]() To complete the setup and have each vCloud zone talking to each other, we need to configure static routes on each zone network gateway/router so that traffic destined for the other subnets knows to be routed through to the Site Gateway IP, through to the central Hub Appliance onto the destination and then back. Adding static routes to cloud zones (cloud to cloud to cloud) You can see above that the 192.168.60.0, 192.168.70.0 and 192.168.80.0 static routes have been added and set to use the tunnel interfaces default gateway which is on the central Hub Appliance. Shown below is the Tunnelblick OpenVPN Client connected to the Hub Appliance showing the injected routes into the network settings. ![]() If I was to connect an OpenVPN Client to the Hub Appliance, I could access all subnets and be able to connect to systems or services in each location. Once each vCloud zone has the Site Gateway deployed and the corresponding XML configuration file added, you should see all sites connected in the Veeam PN Dashboard.Īt this stage, we have connected each vCloud Zone to the central Hub Appliance which is configured now to route to each subnet. Each Site Gateway needs to be deployed and attached to the vCloud vORG Network that you want to extend, in my case it’s the 192.168.60.0, 192.168.70.0 and 192.168.80.0 vORG Networks. I’ve previously created and blogged about an OVFTool upload script using PowerShell. Once this has been completed, you need to deploy a Veeam PN Site Gateway in each vCloud Hosting Zone, and because we are dealing with an OVA, the OVFTool will need to be used to upload the Veeam PN Site Gateway appliances. Referencing the diagram at the beginning of the post, I needed to register three separate client configurations as shown below. You must use the configuration file (downloadable as an XML) to set up the Site Gateways. In order to configure the Veeam PN Site Gateway you’ll need to register the sites from the Veeam PN Hub Appliance. When you register a client, Veeam PN generates a configuration file that contains VPN connection settings for the client. Configuring site clients for cloud zones (site-to-site) This central hub can be deployed anywhere, and as long as it’s got HTTPS connectivity configured correctly to access the web interface, you can start to configure your site and standalone clients. In my setup, the Veeam PN Hub Appliance has been deployed into Microsoft Azure mainly because that’s where I was able to test out Veeam PN initially, but also because in theory it provides a centralized, highly available location for all the site-to-site connections to terminate into.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |