Help Center/ Virtual Private Network/ User Guide/ P2C VPN/ P2C VPN Server Management/ Modifying a Server
Updated on 2025-08-19 GMT+08:00
View PDF
Share

Modifying a Server

Scenario

You can modify the server configuration.

  • If you specify a client IP address and then modify the client CIDR block of the server, the client needs to reconnect to the server and the specified IP address will be cleared.
  • If you modify advanced settings such as the protocol and port, you need to download the new client configuration file and import it to the clients for the modification to take effect.

Precautions

  • After the port or encryption algorithm is changed, clients are disconnected. You need to download the new client configuration file to reconnect them.
  • Exercise caution when adding, deleting, or modifying the local CIDR block of a VPN gateway, client CIDR block of a VPN connection, client authentication type, and access policy, since these operations may interrupt the network.

Modifying a Server

  1. Log in to the management console.
  2. Click in the upper left corner and select the desired region and project.
  3. Click in the upper left corner, and choose Networking > Virtual Private Network.
  4. In the navigation pane on the left, choose Virtual Private Network > Enterprise – VPN Gateways.
  5. Click the P2C VPN Gateways tab, locate the target VPN gateway, and click View Server in the Operation column.
  6. Modify the server configuration.

    • Click next to Basic Information, change the local or client CIDR block, and click OK.
    • Click Replace in the Operation column of the server certificate, replace the service certificate, and click OK.
    • Click on the right of Client Authentication Mode, change the client authentication mode, and click OK.
    • Click next to Advanced Settings, modify the port, encryption algorithm, or domain name access configuration, and click OK.

      After a DNS server address is changed, the new address takes effect when a client reconnects to the cloud.

Changing the Server Certificate

  1. Log in to the management console.
  2. Click in the upper left corner and select the desired region and project.
  3. Click in the upper left corner, and choose Networking > Virtual Private Network.
  4. In the navigation pane on the left, choose Virtual Private Network > Enterprise – VPN Gateways.
  5. Click the P2C VPN Gateways tab. In the VPN gateway list, locate the target VPN gateway, and click View Server in the Operation column.
  6. On the Server tab page, click Replace in the Operation column of the server certificate. The Replace Server Certificate dialog box is displayed.
  7. Select a server certificate, and click OK.

    After the server certificate is switched from the service self-signed certificate to an existing certificate, it cannot be switched back to the service self-signed certificate.

    After the server certificate is replaced, clients are disconnected. You need to download the new client configuration file to reconnect them.

Changing the Client Authentication Mode

  1. Log in to the management console.
  2. Click in the upper left corner and select the desired region and project.
  3. Click in the upper left corner, and choose Networking > Virtual Private Network.
  4. In the navigation pane on the left, choose Virtual Private Network > Enterprise – VPN Gateways.
  5. Click the P2C VPN Gateways tab. In the VPN gateway list, locate the target VPN gateway, and click View Server in the Operation column.
  6. Change the client authentication mode.

    After the authentication mode is changed, the original connections are interrupted.

    • Change the authentication mode from Password authentication (local) to Certificate authentication.
      1. Delete the user, user group, and access policy involved in password authentication.
      2. Click on the right of Password authentication (local).
      3. In the dialog box that is displayed, change the value of Client Authentication Mode to Certificate authentication.
      4. Click OK.
    • Change the authentication mode from Certificate authentication to Password authentication (local).
      1. Delete the CA certificate used for certificate authentication.
      2. Click on the right of Certificate authentication.
      3. In the dialog box that is displayed, change the value of Client Authentication Mode to Password authentication (local).
      4. Click OK.

        When password authentication is used, the access policy default is automatically generated, which applies to all users in the user group default.