Showing posts from May, 2019

Use PowerCLI to set your SDDC Policy Based VPN

Gilles Chekroun
Lead VMware Cloud on AWS Specialist
In the previous post, we talked about using PowerCLI to setup a route-based VPN. This post will show how to setup a policy based VPN.
For that I will use a new AWS VPC and a Customer Gateway with a Virtual Gateway in AWS natively.
This sets up 2 VPN tunnels with static routes compared to the BGP routes with the route-based VPN.

PowerCLI FunctionsNew-NSXTPolicyBasedVPNGet-NSXTPolicyBasedVPNRemove-NSXTPolicyBasedVPNJSON and PSObjectsIn this post I want to go a bit deeper on the relation between JSON and the PowerShell Objects. To set the VPN Tunnels, we use API calls and with that we need to pass a payload that will carry our multiple parameters like IP addresses, passwords, IKE and Tunnel encryption digest / algorithms.

The Java Script Object Notation (JSON) is mostly used with APIs and our NSX-T Policy APIs are not any exception. When we write a PowerCLI function we need to map the JSON notation to PowerShell.
For example, [...] in JSON …