You would like to establish a Site-to-Site VPN IPsec tunnel between a CloudConnect Org VDC Network and an external on on-premise network.
The attached document explains how using vCloud Director, you can create and manage a secure VPN/IPsec Site-to-Site tunnel between Org VDC Networks and on premise networks. This is done using the Edge Gateway VPN configuration option. The attached example document details the process of established a Site-to-Site VPN tunnel between a hypothetical Org VDC Network (i.e. a Customer's Cloud Network) and a physical office location. The on-premise device in this example is a SonicWALL.
This procedure requires a working knowledge of VPN/IPsec. You will also need to take note of your CloudConnect Public IP Addresses. See CloudConnect Knowledge Base Article: CCT-2015-0817.
If your infrastructure is NOT deployed on VMware vCloud Director, you may request a VPN Tunnel from CloudConnect directly. For mspCloud see: Add a VPN mspCloud. For Private Domain see: Add a VPN Private Domain
VMware vCloud Director
CloudConnect Infrasturcture as a Service.