Aviatrix Gateway to Aviatrix Gateway

This section describes how to configure an IPsec tunnel between an Aviatrix Gateway and another Aviatrix Gateway using Aviatrix Site2Cloud.

There are only a couple of reasons to use Site2Cloud when connecting two Aviatrix Gateways:

You have overlapping CIDR blocks but need to peer two VPC/VNets.
The two Aviatrix Gateways are not part of the same Controller (i.e., one is at your customer and the other one is in your environment).

Deployment

There are two Aviatrix Gateways in this scenario. Since you are using the Site2Cloud feature, you must configure each side of the tunnel individually.

In this procedure the gateways are referred to as Gateway A and Gateway B. You can pick either gateway to be Gateway A or Gateway B.

Configure Tunnel from Gateway A to Gateway B

Follow the steps in Site2Cloud Configuration Workflow to create a Mapped or Unmapped external (Site2Cloud) connection. Use this table for specific field values.

Field	Description
Connect Public Cloud to	External Device: Static Route-Based/Static Route-Based (Mapped)/Static Policy-Based/Static Policy-Based (Mapped)
Local Gateway	Select Gateway A from the dropdown.
Remote Gateway Type	Aviatrix
Remote Gateway IP	Enter the public IP address of Gateway B.
Pre-shared Key	Leave blank and Aviatrix will generate

Field

Description

Connect Public Cloud to

External Device: Static Route-Based/Static Route-Based (Mapped)/Static Policy-Based/Static Policy-Based (Mapped)

Local Gateway

Select Gateway A from the dropdown.

Remote Gateway Type

Aviatrix

Remote Gateway IP

Enter the public IP address of Gateway B.

Pre-shared Key

Leave blank and Aviatrix will generate

Click Save.
Once complete, click the vertical ellipsis menu next to the new external connection and select Download Configuration.
Select Aviatrix for Vendor, UCC for Platform and 1.0 for Software.
Click Download. You can use the information in this file to create the other side of the tunnel.

Configure Tunnel from Gateway B to Gateway A

Go to Networking > Connectivity > External Connections (S2C).

Create a new external connection using the information from the downloaded configuration file. Use this table for specific values:

Field	Description
Connect Public Cloud to	External Device: Static Route-Based/Static Route-Based (Mapped)/Static Policy-Based/Static Policy-Based (Mapped)
Local Gateway	Select Gateway B from the dropdown.
Remote Gateway Type	Aviatrix
Remote Gateway IP	Enter the public IP address of Gateway A.
Pre-shared Key	Leave blank and Aviatrix will generate

Field

Description

Connect Public Cloud to

External Device: Static Route-Based/Static Route-Based (Mapped)/Static Policy-Based/Static Policy-Based (Mapped)

Local Gateway

Select Gateway B from the dropdown.

Remote Gateway Type

Aviatrix

Remote Gateway IP

Enter the public IP address of Gateway A.

Pre-shared Key

Leave blank and Aviatrix will generate

Click Save.

Test

Once complete, you can check tunnel status at Diagnostics > Cloud Routes > External Connections.

Troubleshoot

Wait 2-3 minutes for the tunnel to come up. If it does not come up within that time, check the IP addresses to confirm they are accurate. Additional troubleshooting is available at Diagnostics > Diagnostic Tools.

About External Connection Settings