Updated on 2024-12-20 GMT+08:00

Step 1: Creating a VPN Gateway

Prerequisites

  • A VPC has been created. For details about how to create a VPC, see the Virtual Private Cloud User Guide.
  • Security group rules have been configured for ECSs in the VPC, and allow the customer gateway in the on-premises data center to access VPC resources. For details about how to configure security group rules, see the Virtual Private Cloud User Guide.

Procedure

  1. Log in to the management console.
  2. Click in the upper left corner of the page, and choose Networking > Virtual Private Network.
  3. In the navigation pane on the left, choose Virtual Private Network > Enterprise – VPN Gateways.
  4. Set parameters as prompted, click Create Now, and complete the payment.
  5. The following describes only key parameters.

    Table 1 Key VPN gateway parameters

    Parameter

    Description

    Example Value

    Region

    Select the region nearest to you.

    -

    Name

    Enter the name a VPN gateway.

    vpngw-001

    Network Type

    • Public network: A VPN gateway communicates with a customer gateway in an on-premises data center through the Internet.
    • Private network: A VPN gateway communicates with a customer gateway in an on-premises data center through a private network.

    Public network

    Associate With

    Select VPC.

    • VPC: Through a VPC, the VPN gateway sends messages to the customer gateway or servers in the local subnet. When AZ is set to HomeZones, Associate With can only be set to VPC.

    VPC

    VPC

    Select the VPC that needs to access the on-premises data center.

    vpc-001(192.168.0.0/16)

    Interconnection Subnet

    This subnet is used for communication between the VPN gateway and VPC. Ensure that the selected interconnection subnet has four or more assignable IP addresses.

    192.168.2.0/24

    Local Subnet

    Specify the VPC subnet that needs to access the on-premises data center.

    You can manually enter a CIDR block or select a subnet from the drop-down list box.

    192.168.0.0/24

    Specification

    Select Professional 1.

    Professional 1

    HA Mode

    Select Active-active.

    Active-active

    Active EIP

    You can buy a new EIP or use an existing EIP.

    11.xx.xx.11

    Active EIP 2

    11.xx.xx.12

Verification

Check the created VPN gateway on the VPN Gateways page. The initial state of the VPN gateway is Creating. When the VPN gateway state changes to Normal, the VPN gateway is successfully created.