IPSec VPN Configuration Guidelines
最終更新日:2024-01-09 14:29:29
Prerequisite
The local private IP range and the Tencent Cloud VPC cannot overlap.
Configuration
1. Create an IPSec VPN gateway
Create a VPN gateway using the IPSec protocol.
2. Create a customer gateway
Specify the Tencent Cloud IP range and the client IP range to connect in the SSL VPN server.
3. Create a VPN tunnel
The client uses certificate and key to connect with the VPN gateway. The client and the server verify their certificates bidirectionally. After verification, the server assigns an IP from the client IP address pool to the client for connecting with CVM in VPC.
4. Configure a local gateway.
Complete the gateway configuration at the client side.
Note:
Tencent IPSec VPN supports the mainstream client gateway (firewall) in the industry. See Local Gateway Configurations.
5. Configure a route within VPC.
Configure the routing and forwarding policies for the IDC to connect with Tencent Cloud VPC. Set the the IP range of the opposite network as the destination address, and VPN tunnel or CCN as the next hop type.
VPN tunnel: select an existing VPN tunnel
CCN: the CCN instance associated with the VPN gateway is displayed here
6. Test the connectivity
Use
ping to verify the connectivity of IPSec VPN connection after the above configurations.フィードバック