Updated on 2024-07-23 GMT+08:00

What Is VPN?

Overview

Virtual Private Network (VPN) establishes secure, reliable, and cost-effective encrypted connections between your on-premises network or data center and a virtual network on the cloud.

Cross-border VPN connections cannot be established between the Chinese mainland and other regions.

VPN falls into two categories: Site-to-Cloud VPN (S2C VPN) and Point-to-Cloud VPN (P2C VPN), which apply to different scenarios. S2C VPN uses the Internet Protocol Security (IPsec) protocol, and P2C VPN uses the Secure Sockets Layer (SSL) protocol.

S2C VPN involves three key components: VPN gateway, customer gateway, and VPN connection.

  • A VPN gateway provides an Internet egress for a Virtual Private Cloud (VPC) to connect to a customer gateway in your on-premises data center.
  • A VPN connection connects a VPN gateway to a customer gateway through encrypted tunnels, enabling communication between a VPC and your on-premises data center. This helps quickly establish a secure hybrid cloud environment.

Figure 1 shows the S2C VPN networking.

Figure 1 S2C VPN networking

P2C VPN involves three key components: VPN gateway, server, and client.

  • A VPN gateway provides an Internet egress for a VPC and is bound to a server.
  • A server encapsulates and decapsulates data packets, and defines the port, encryption algorithm, and CIDR blocks for communicating with clients.
  • A client establishes a VPN connection with a server to remotely access cloud resources or services.

Figure 2 shows the P2C VPN networking.

Figure 2 P2C VPN networking

Components

S2C VPN

  • VPN gateway: a virtual VPN gateway on the cloud. It establishes secure private connections with a customer gateway in your on-premises network or data center.
  • Customer gateway: a resource that provides information to the cloud about your customer gateway device. The device can be a physical device or a software application in your on-premises data center.
  • VPN connection: a secure channel between a VPN gateway and a customer gateway. VPN connections use the Internet Key Exchange (IKE) and IPsec protocols to encrypt the transmitted data.

P2C VPN

  • VPN gateway: a virtual VPN gateway on the cloud. It establishes secure private connections with clients.
  • Server: a functional module of a virtual gateway. It provides SSL services for configuration management and client connection authentication.
  • Client: VPN client software deployed on user terminals.

Accessing the VPN Service

You can access the VPN service through the web-based management console.

  • If you have registered an account, log in to the management console and choose Networking > Virtual Private Network to open the VPN console.
  • If you do not have an account, register one first by referring to "Registering an Account and Enabling Huawei Cloud Services" in Preparations.