One of our vCloud Director 8.10 tenants has sub-tenants and wants to have each sub-tenant behind an edge gateway. We have designed the network infrastructure from the following picture.
The Internet Firewall edge gateway has its uplink connected to the internet. The downlink connection of the Internet Firewall should be the default gateway of the transit network. The transit network is an external network because we do not want the sub-tenants to be able to connect virtual machines to the transit network. In the settings of the transit network, the default gateway is 10.1.1.254 and subnet mask 255.255.255.0. The IP pool is 10.1.1.1-10.1.1.253. I cannot add the IP address 10.1.1.254 to the IP pool because it is the IP address of the default gateway. When connecting the Internet Firewall to the transit network, I am unable to assign the 10.1.1.254 IP address to the downlink connection of the Internet Firewall because the IP address has to be in the IP pool.
Does anybody know how to solve this problem or make a redesign of the network that will work with vCloud Director?