Help Center/ Virtual Private Network/ Administrator Guide/ S2C Enterprise Edition VPN/ Interconnection with Alibaba Cloud/ Static Routing Mode/ Operation Guide
Updated on 2025-08-19 GMT+08:00
View PDF
Share

Operation Guide

Scenario

Figure 1 shows the typical networking where a VPN gateway on Huawei Cloud connects to a VPN gateway on Alibaba Cloud in static routing mode.

Figure 1 Typical networking diagram

In this scenario, the Alibaba Cloud VPN gateway has only one IP address, and the Huawei Cloud VPN gateway uses the active-active mode. A VPN connection needs to be created between each of the two active EIPs of the Huawei Cloud VPN gateway and the IP address of the Alibaba Cloud VPN gateway.

Data Plan

Table 1 Data Plan

Category

Item

Example Value for the Alibaba Cloud Side

Example Value for the Huawei Cloud Side

VPC

Subnet

172.16.0.0/24

192.168.0.0/24

VPN gateway

Gateway IP address

1.1.1.1
  • Active EIP: 1.1.1.2
  • Active EIP 2: 2.2.2.2

Interconnection subnet

-

192.168.2.0/24

VPN connection

Tunnel interface addresses under Connection 1's Configuration
  • Local tunnel interface address: 169.254.70.1/30
  • Customer tunnel interface address: 169.254.70.2/30

Tunnel interface addresses under Connection 2's Configuration
  • Local tunnel interface address: 169.254.71.1/30
  • Customer tunnel interface address: 169.254.71.2/30

IKE policy
  • IKE version: IKEv2
  • Authentication algorithm: SHA2-256
  • Encryption algorithm: AES-128
  • DH algorithm: Group 14
  • Local ID: IP address
  • Peer ID: IP address

IPsec policy
  • Authentication algorithm: SHA2-256
  • Encryption algorithm: AES-128
  • PFS: DH Group 14
Parent topic: Static Routing Mode