Restoring the Enterprise Router After Unsubscribing from a Firewall

If you no longer need VPC border traffic protection, manually restore the configuration of the enterprise router after disabling VPC border protection.

This section describes how to restore enterprise router configurations. After the restoration, traffic will be transmitted from VPC1 to VPC2 through the enterprise router without passing through CFW.

Scenario

The protection from the VPC border firewall is no longer required.

Prerequisites

VPC border firewall protection has been disabled. For details, see Disabling VPC Border Protection.

Procedure

Log in to the management console.
Click in the upper left corner of the management console and select a region or project.
In the upper left corner, click and choose Networking > Enterprise Router. Click Manage Route Table.
Configure propagation routes (automatically generated after propagation is configured) in the association route table.
1. On the Routes tab page of the association route table, click Create Route. Set Destination Address and Next Hop to those of the protected VPC specified in the configurations of the propagation route table.
  - An association route table is used for transmitting traffic from VPC to CFW. For details about how to configure it, see Configuring Associations for a Route Table.
    A propagation route table is used for transmitting traffic from CFW to VPC. For details about how to configure it, see Configuring Propagations for a Route Table.
  - The number of routes added to the association route table must be the same as the number of routes displayed in the propagation route table.
2. (Optional) Delete the propagation route table.
  
  This step is optional. Traffic will be transmitted from VPC1 to VPC2 through the enterprise router even if the propagation route table is not deleted.
3. For more information about how to delete a CFW connection, see Submitting a Service Ticket.