Overview
Supported Regions
The supported regions are subject to those available on the console.
Scenario
Enterprise employee A on a business trip needs to access a service website, for which the website server is deployed on Huawei Cloud. Employee A wants to use a VPN client on a PC to access this website server.
Limitations and Constraints
- The client CIDR block cannot overlap with the destination CIDR block in the VPC to be accessed, and cannot contain special CIDR blocks such as 100.64.0.0/10 and 214.0.0.0/8.
- The client device can access the Internet.
Prerequisites
- You have obtained the server certificate and private key, created a user, and configured a password for the user. For details about how to issue a certificate by yourself, see Using Easy-RSA to Issue Certificates (Server and Client Sharing a CA Certificate).
- The server certificate has been hosted by the Cloud Certificate Manager (CCM). For details about how to host a server certificate, see Using the CCM to Manage a Server Certificate.
Data Plan
| Category | Item | Data |
|---|---|---|
| VPC | Subnet to be interconnected | 192.168.0.0/16 |
| VPN gateway | Interconnection subnet | Subnet used for communication between the VPN gateway and VPC. Ensure that the selected interconnection subnet has three or more assignable IP addresses. 192.168.2.0/24 |
| Maximum number of connections | 10 | |
| EIP | An EIP is automatically generated when you buy it. In this example, the EIP 11.xx.xx.11 is generated. | |
| Server | Local CIDR block | 192.168.1.0/24 |
| Server certificate | cert-server (name of the server certificate hosted by the CCM) | |
| SSL parameters |
| |
| Client | Client CIDR block | 172.16.0.0/16 |
| Client authentication mode | Default mode: password authentication (local)
|
Operation Process
Figure 1 shows the process of configuring the VPN service to allow a client to remotely access a VPC.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.
