Creating a Customer Gateway
Scenario
To connect your on-premises data center or private network to your ECSs in a VPC, you need to create a customer gateway before creating a VPN connection.
Notes and Constraints
- Address groups cannot be used to configure the source and destination subnets in a policy on customer gateway devices.
Procedure
- Log in to the management console.
- Click
in the upper left corner and select the desired region and project. - Click
in the upper left corner, and choose . - In the navigation pane on the left, choose .
- On the Customer Gateways page, click Create Customer Gateway.
- Set parameters as prompted and click Create Now.
Table 1 lists the customer gateway parameters.
Table 1 Description of customer gateway parameters Parameter
Description
Example Value
Name
Name of a customer gateway. The value can contain only letters, digits, underscores (_), hyphens (-), and periods (.).
cgw-001
Identifier
- IP Address: Specify the IP address of the customer gateway.
Ensure that UDP port 4500 is permitted in a firewall rule on the customer gateway in your on-premises data center or private network.
- IP Address, 1.2.3.4
- FQDN, cgw-fqdn
BGP ASN
Enter the ASN of your on-premises data center or private network.
The BGP ASN of the customer gateway must be different from that of the VPN gateway.
65000
Advanced Settings > Tags
Tag of a VPN resource. The value consists of a key and a value. A maximum of 20 tags can be added.
You can select predefined tags or customize tags.
To view predefined tags, click View predefined tags.
-
- (Optional) If there are two customer gateways, repeat the preceding operations to configure the other customer gateway with a different identifier.
Related Operations
You need to configure an IPsec VPN tunnel on the router or firewall in your on-premises data center.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.
