Updated on 2024-07-25 GMT+08:00

Step 2: Configuring a Server

Prerequisites

The server certificate has been hosted by the CCM.

Configuring a Server

  1. On the P2C VPN Gateways page, locate the target VPN gateway and click Configure Server in the Operation column.
  2. Set parameters as prompted and click OK.
    Table 1 Server parameters

    | Area | Parameter | Description | Example Value |
    |---|---|---|---|
    | Basic Information | Local CIDR Block | Specify the destination CIDR block that clients need to access. You can select a subnet or enter a CIDR block. | 192.168.1.0/24 |
    | Basic Information | Client CIDR Block | Specify the CIDR block for assigning addresses to virtual NICs of clients. | 172.16.0.0/16 |
    | Authentication Information | Server Certificate | Click Upload in the drop-down list box. | cert-server |
    | Authentication Information | Client Authentication Mode | • Select Certificate authentication. Click Upload Client CA Certificate, open the CA certificate file in .pem format as a text file, and copy the certificate content to the Content text box in the Upload Client CA Certificate dialog box.<br>• Select Password authentication (local). After clicking OK, you can manage users and configure access policies. | Password authentication (local) |
    | Advanced Settings | Protocol | Use the default value. | TCP |
    | Advanced Settings | Port | Use the default value. | 443 |
    | Advanced Settings | Encryption Algorithm | Use the default value. | AES-128-GCM |
    | Advanced Settings | Authentication Algorithm | Use the default value. | SHA256 |

Managing Users

  1. On the P2C VPN Gateways page, locate the target VPN gateway and click Configure Server in the Operation column.
  2. Set parameters as prompted and click OK.
  3. Create a user group.
    1. On the P2C VPN Gateways page, locate the target VPN gateway and click View Server in the Operation column.
    2. Click the User Management and User Groups tabs in sequence, and click Create User Group.
    3. Set parameters as prompted and click OK.

      The following table describes only key parameters.

      Table 2 Key parameter for creating a user group

      | Parameter | Description | Example Value |
      |---|---|---|
      | Name | Enter a user group name. | Testgroup_01 |

  4. Create a user.
    1. On the P2C VPN Gateways page, locate the target VPN gateway and click View Server in the Operation column.
    2. Click the User Management tab. On the Users tab page, click Create User.
    3. Set parameters as prompted and click OK.
      The following table describes only key parameters.
      Table 3 Key parameters for creating a user

      | Parameter | Description | Example Value |
      |---|---|---|
      | Name | The value can contain a maximum of 64 characters, including letters, digits, periods (.), underscores (_), and hyphens (-). NOTE: Do not use the following usernames that are reserved in the system: L3SW_ (prefix), link, Cascade, SecureNAT, localbridge, and administrator (case-insensitive). | Test_01 |
      | Password | See the password rules below this table. | Set this parameter based on the site requirements. |
      | Confirm Password | Reenter the password. | Set this parameter based on the site requirements. |
      | User Group | Select the user group to which the user belongs. NOTE: A user that is not added to any user group cannot access resources on the cloud. | Testgroup_01 |

      Password rules:

      • The value contains 8 to 32 characters.
      • The value must contain at least two types of the following characters: uppercase letters, lowercase letters, digits, and the following special characters: `~!@#$%^&*()-_=+\|[{}];:'",<.>/? and spaces.
      • The password cannot be the username or the reverse of the username.
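The username and password rules in Table 3 can be checked before accounts are entered in the console. The following Python pre-check is an added example, not code from the original page or from the VPN service. Its function names and sample accounts are constructed for illustration, and it assumes ASCII letters, case-insensitive matching of the L3SW_ prefix, and a case-insensitive comparison of the password against the username and its reverse.

```python
import string

# Rules transcribed from Table 3 of this page; all names below are illustrative.
RESERVED = {"link", "cascade", "securenat", "localbridge", "administrator"}
NAME_CHARS = set(string.ascii_letters + string.digits + "._-")
CLASSES = [  # the four character types a password may draw from
    set(string.ascii_uppercase),
    set(string.ascii_lowercase),
    set(string.digits),
    set("`~!@#$%^&*()-_=+\\|[{}];:'\",<.>/? "),
]


def check_username(name):
    """Return the Table 3 rules that a proposed username breaks."""
    errors = []
    if not 1 <= len(name) <= 64:
        errors.append("name must be 1 to 64 characters")
    if set(name) - NAME_CHARS:
        errors.append("name has a character other than letters, digits, . _ -")
    lowered = name.lower()  # reserved names are matched case-insensitively
    if lowered in RESERVED or lowered.startswith("l3sw_"):
        errors.append("name is reserved by the system")
    return errors


def check_password(name, password):
    """Return the Table 3 rules that a password breaks for this username."""
    errors = []
    if not 8 <= len(password) <= 32:
        errors.append("password must be 8 to 32 characters")
    if sum(1 for c in CLASSES if c & set(password)) < 2:
        errors.append("password needs at least two character types")
    # Assumption: case-insensitive comparison, stricter than the page states.
    if password.lower() in (name.lower(), name.lower()[::-1]):
        errors.append("password is the username or its reverse")
    return errors


def precheck(users):
    """Map each failing username to its violations; {} means every account passes."""
    report = {n: check_username(n) + check_password(n, p) for n, p in users}
    return {n: errs for n, errs in report.items() if errs}

# Constructed sample accounts, not taken from any real deployment.
SAMPLE = [("Test_01", "Vpn-Access-2024"), ("Administrator", "Vpn-Access-2024"),
          ("L3SW_ops", "Vpn-Access-2024"), ("user.name-9", "9-eman.resu"),
          ("alice", "lowercase")]
if __name__ == "__main__":
    print(precheck(SAMPLE))
```
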

Creating an Access Policy

  1. On the P2C VPN Gateways page, locate the target VPN gateway and click View Server in the Operation column.
  2. Click the Access Policies tab, and click Create Policy.
  3. Set parameters as prompted and click OK.

    The following table describes only key parameters.

    Table 4 Key parameters for creating a policy

    | Parameter | Description | Example Value |
    |---|---|---|
    | Name | Only letters, digits, underscores (_), and hyphens (-) are allowed. | Policy_01 |
    | Destination CIDR Block | If you enter multiple CIDR blocks, separate them with commas (,), for example, 192.168.1.0/24,192.168.2.0/24. | 192.168.1.0/24 |
    | User Group | Select a user group. | Testgroup_01 |