Allowing a Cloud Phone Server to Access a Public Network Outside the Chinese Mainland

Restrictions and Limitations

• This practice applies only to cloud phone servers without EIPs. That is, the number of EIPs in the cloud phone specifications must be 0. The number of virtual IP addresses is not limited.

  

Procedure

1. Apply for a cross-border permit. For details, see Cross-Border Permits. Proceed with the next step only if you have obtained the cross-border permit.
2. Log in to the CPH console, choose Servers, and click the cloud phone server whose traffic is to be diverted. On the server details page, locate Subnet.

   

3. Click the subnet name. On the subnet details page, find IPv4 CIDR Block and record the subnet CIDR block of the cloud phone server, for example, 192.168.0.0/24.

   

4. Choose Networking > NAT Gateway.
5. Select the region where you want your cloud phone server to access the public network outside the Chinese mainland, for example, CN-Hong Kong.
6. Purchase an EIP and a public NAT gateway. Add an SNAT rule. Add a route with 0.0.0.0/0 as the destination and the public NAT gateway as the next hop. For details, see Configuring SNAT Rules to Enable Servers to Access the Internet.

   When you add the SNAT rule, select Direct Connect/Cloud Connect for Scenario and enter the subnet CIDR block of the cloud phone server recorded in 3.

   

7. Choose Networking > Cloud Connect.
8. Create a cloud connection, and load the VPC where the cloud phone server is deployed and the VPC where the public NAT gateway is deployed to the cloud connection. When loading the VPCs, select the subnets where the cloud phone server and the public NAT gateway purchased in 6 are deployed. For details, see Connecting VPCs in the Same Account. Purchase a bandwidth package for communications between geographic regions, in this example, from the Chinese mainland to Asia Pacific. Bind the bandwidth package to the cloud connection.

   

   

9. On the Network Instances page of the cloud connection, select the loaded VPC in the CN-Hong Kong region and click Modify VPC CIDR Block.

   

   In the displayed Modify VPC CIDR Block dialog box, click Advanced Settings, enter 0.0.0.0/0, click Add, and click OK.

   

(Optional) Allowing a Cloud Phone Server to Access a Public Network Inside the Chinese Mainland

1. Purchase an EIP and a public NAT gateway in the region where the cloud phone server is deployed. Add an SNAT rule. For details, see 6. You do not need to add a route with 0.0.0.0/0 as the destination and the public NAT gateway as the next hop.
2. Repeat 2 and 3 to view the subnet of the cloud phone server and the route table of the subnet.

   

3. Click the name of the route table. On the displayed page, click Add Route.

   

4. In the dialog box that is displayed, set Destination to the IP address or CIDR block where the cloud phone server traffic is to be diverted, set Next Hop Type to NAT gateway, set Next Hop to the public NAT gateway purchased in 1, and click OK.

   

5. Repeat 4 if traffic to your cloud phone server needs to be diverted to other IP addresses or CIDR blocks.