Allowing a Cloud Phone Server to Access a Public Network Outside the Chinese Mainland
The following figure shows how to allow a cloud phone server to access a public network outside the Chinese mainland.
Restrictions and Limitations
Procedure
- Apply for a cross-border permit. For details, see Cross-Border Permits. Proceed with the next step only if you have obtained the cross-border permit.
- Log in to the CPH console, choose Servers, and click the cloud phone server whose traffic is to be diverted. On the server details page, locate Subnet.
- Click the subnet name. On the subnet details page, find IPv4 CIDR Block and record the subnet CIDR block of the cloud phone server, for example, 192.168.0.0/24.
- Choose Networking > NAT Gateway.
- Select the region where you want your cloud phone server to access the public network outside the Chinese mainland, for example, CN-Hong Kong.
- Purchase an EIP and a public NAT gateway. Add an SNAT rule. Add a route with 0.0.0.0/0 as the destination and the public NAT gateway as the next hop. For details, see Using a Public NAT Gateway to Enable Servers to Share One or More EIPs to Access the Internet.
When you add the SNAT rule, select Direct Connect/Cloud Connect for Scenario and enter the subnet CIDR block of the cloud phone server recorded in 3.
- Choose Networking > Cloud Connect.
- Create a cloud connection, and load the VPC where the cloud phone server is deployed and the VPC where the public NAT gateway is deployed to the cloud connection. When loading the VPCs, select the subnets where the cloud phone server and the public NAT gateway purchased in 6 are deployed. For details, see Connecting VPCs in the Same Account. Purchase a bandwidth package for communications between geographic regions, in this example, from the Chinese mainland to Asia Pacific. Bind the bandwidth package to the cloud connection.
- On the Network Instances page of the cloud connection, select the loaded VPC in the CN-Hong Kong region and click Modify VPC CIDR Block.
In the displayed Modify VPC CIDR Block dialog box, click Advanced Settings, enter 0.0.0.0/0, click Add, and click OK.
Now your cloud phone server can access the public network outside the Chinese mainland. All traffic from this server is diverted to the cloud connection and then to the public NAT gateway in the CN-Hong Kong region, so this server can use the EIP bound to the public NAT gateway to access the public network outside the Chinese mainland. To verify the above configurations, you can use your cloud phone server to access the public network outside the Chinese mainland.
If you do not need your cloud phone server to access a public network inside the Chinese mainland, skip the following steps.
(Optional) Allowing a Cloud Phone Server to Access a Public Network Inside the Chinese Mainland
- Purchase an EIP and a public NAT gateway in the region where the cloud phone server is deployed. Add an SNAT rule. For details, see 6. You do not need to add a route with 0.0.0.0/0 as the destination and the public NAT gateway as the next hop.
- Repeat 2 and 3 to view the subnet of the cloud phone server and the route table of the subnet.
- Click the name of the route table. On the displayed page, click Add Route.
- In the dialog box that is displayed, set Destination to the IP address or CIDR block where the cloud phone server traffic is to be diverted, set Next Hop Type to NAT gateway, set Next Hop to the public NAT gateway purchased in 1, and click OK.
- Repeat 4 if traffic to your cloud phone server needs to be diverted to other IP addresses or CIDR blocks.
Now when you access the IP address configured with traffic diversion from the cloud phone server, the traffic will be diverted from the EIP configured for the NAT gateway purchased in the Chinese mainland region, and other traffic will be diverted to the cloud connection from the EIP configured for the NAT gateway purchased outside the Chinese mainland region.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot