This document describes how to connect to a VPC over an SSL VPN connection on a Windows, macOS, or Linux client.
This document takes the scenario below as an example to describe how to connect to a VPC over an SSL VPN connection on a Windows, macOS, or Linux client.
The process of connecting to a VPC over an SSL VPN connection on the client is as follows:
Log in to the VPC console.
Select VPN Connections > VPN Gateway on the left sidebar to enter the admin page.
In the Create VPN gateway pop-up window, configure the following gateway parameters.
|Gateway name||Enter the VPN gateway name (up to 60 characters).|
|Region||Display the region of the VPN gateway.|
|AZ||Select the availability zone of the current gateway.|
|Protocol Type||Select SSL.|
|Bandwidth cap||Set a reasonable bandwidth cap for the VPN gateway according to the actual application scenarios.|
|Associated Network||Select VPC.|
|Network||Select the VPC associated with the VPN gateway|
|SSL VPN Connections||Select the number of clients that you want to connect. An SSL client allows connection from only one user.|
|Billing Mode||The SSL VPN gateway is pay-as-you-go by default.|
A VPN gateway can be associated with only one SSL VPN server. For more information, see Use Limits.
|Name||Enter the SSL VPN server name (up to 60 characters).|
|Region||Display the region of the SSL VPN server.|
|VPN gateway||Select an existing VPN gateway.|
|Server IP range||Tencent Cloud IP ranges accessed by mobile clients.|
|Client IP Range||Enter the IP range that is assigned to the mobile client for communication. The IP range must not conflict with the VPC CIDR block of Tencent or your local IP range.|
|Protocol||Transmission protocol of the server.|
|Port||Enter the SSL VPN server port used for data forwarding.|
|Verification algorithm||Supported authentication algorithms: SHA1 and MD5.|
|Encryption algorithm||Supported encryption algorithms: AES-128-CBC, AES-192-CBC, and AES-256-CBC.|
An SSL client allows connection from only one user.
|Destination||Enter the client IP range that is configured in Step 2: Create an SSL VPN Server.|
|Next Hop Type||Select VPN Gateway.|
|Next Hop||Select an existing SSL VPN gateway.|
This section describes how to configure Windows, macOS, and Linux clients.
yum install -y openvpn
sudo apt-get install openvpn
/etc/openvpn/conf/directory and run the following command to establish a VPN connection:
openvpn --config /etc/openvpn/conf/config.ovpn --daemon
After establishing the SSL VPN connection between Tencent Cloud and the client, you can use
ping to test the connection.
For example, you can use the CVM in the VPC to
ping an IP address in the client IP range. If the ping is successful, the VPC and the client can communicate with each other.