Building a Hybrid Cloud Network Through Direct Connect and VPN Working in an Active/Standby Pair

Step 1: Create Cloud Resources

1. Create an enterprise router for connecting VPCs in the same region.
2. Create a service VPC with a subnet.
3. Create an ECS in the service VPC subnet.

Step 2: Create a Virtual Gateway Attachment to the Enterprise Router

1. Create a Direct Connect connection. The connection is dedicated to connect an on-premises data center to Huawei Cloud over a line you lease from a carrier.
2. Create a virtual gateway and attach it to the enterprise router.
3. Create a virtual interface to associate the virtual gateway with the Direct Connect connection.
4. Configure routes on the router in the on-premises data center.

Step 3: Create a VPC Attachment to the Enterprise Router

1. Attach the service VPC to the enterprise router.
2. Add a route with the enterprise router as the next hop and the on-premises CIDR block as the destination to the VPC route table.

Step 4: Verify the Network Connectivity Over the Direct Connect Connection

Log in to the ECS and run the ping command to verify the network connectivity through the Direct Connect connection.

Step 5: Create a VPN Attachment to the Enterprise Router

1. Create a VPN gateway and attach it to the enterprise router.
2. Create a customer gateway, that is the gateway of the on-premises data center.
3. Create two VPN connections that connect the VPN gateway and the customer gateway and work in active/standby mode.
4. Configure routes on the router in the on-premises data center.

Step 6: Verify the Network Connectivity Over the VPN Connection

Log in to the ECS and run the ping command to verify the network connectivity through the VPN connections.

A VPN connection is a standby one. If you need to verify the network connectivity through a VPN connection, you need to simulate a fault on the active connection, that is the Direct Connect connection.