Help Center/ Virtual Private Network/ Best Practices/ S2C Enterprise Edition VPN/ Allowing Direct Connect and VPN to Work in Active and Standby Mode to Link Data Center to Cloud/ Construction Process
Updated on 2023-08-01 GMT+08:00
View PDF
Share

Construction Process

Table 1 describes the overall process of constructing the hybrid cloud network using Direct Connect and VPN connections that work in the active/standby mode and an enterprise router.

Table 1 Process description of constructing the hybrid cloud network

Procedure

Description

Step 1: Create Cloud Resources
  1. Create one enterprise router for connecting VPCs in the same region.
  2. Create a service VPC with a subnet.
  3. Create an ECS in the service VPC subnet.

Step 2: Create a Virtual Gateway Attachment to the Enterprise Router
  1. Create a Direct Connect connection. The connection is dedicated to connect an on-premises data center to the Huawei Cloud over a line you lease from a carrier.
  2. Create a virtual gateway and attach it to the enterprise router.
  3. Create a virtual interface to associate the virtual gateway with the Direct Connect connection.
  4. Configure routes on the router of the on-premises data center.

Step 3: Create a VPC Attachment to the Enterprise Router
  1. Attach the service VPC to the enterprise router.
  2. Add a route with the enterprise router as the next hop and the CIDR block of the data center as the destination to the VPC route table.

Step 4: Verify the Network Connectivity Over the Direct Connect Connection

Log in to the ECS and run the ping command to verify the network connectivity through the Direct Connect connection.

Step 5: Create a VPN Attachment to the Enterprise Router
  1. Create a VPN gateway and attach it to the enterprise router.
  2. Create a customer gateway, that is the gateway of the data center.
  3. Create two VPN connections that connect the VPN gateway and the customer gateway and work in active/standby mode.
  4. Configure routes on the router of the on-premises data center.

Step 6: Verify the Network Connectivity Over the VPN Connection

Log in to the ECS and run the ping command to verify the network connectivity through the VPN connections.

A VPN connection is a standby one. If you need to verify the network connectivity through a VPN connection, you need to simulate a fault on the active connection, that is the Direct Connect connection.