Help Center/ Virtual Private Network/ Getting Started/ Configuring S2C Enterprise Edition VPN to Connect an On-premises Data Center to a VPC/ Step 1: Creating a VPN Gateway
Updated on 2024-12-09 GMT+08:00
View PDF
Share

Step 1: Creating a VPN Gateway

Prerequisites

  • A VPC has been created. For details about how to create a VPC, see Creating a VPC and Subnet.
  • Security group rules have been configured for ECSs in the VPC, and allow the customer gateway in the on-premises data center to access VPC resources. For details about how to configure security group rules, see Security Group Rules.

Procedure

  1. Log in to the management console.
  2. Click in the upper left corner of the page, and choose Networking > Virtual Private Network.
  3. In the navigation pane on the left, choose Virtual Private Network > Enterprise – VPN Gateways.
  4. On the S2C VPN Gateways tab page, click Buy S2C VPN Gateway.
  5. Set parameters as prompted, click Buy Now, and complete the payment.
  6. The following describes only key parameters. For details about more parameters, see Creating a VPN Gateway.

    Table 1 Key VPN gateway parameters

    Parameter

    Description

    Example Value

    Billing Mode

    The options include Yearly/Monthly and Pay-per-use.

    Yearly/Monthly

    Region

    Select the region nearest to you.

    AP-Singapore

    AZ

    Two types of AZs are supported: General and HomeZones.

    General

    Name

    Enter the name a VPN gateway.

    vpngw-001

    Network Type
    • Public network: A VPN gateway communicates with a customer gateway in an on-premises data center through the Internet.
    • Private network: A VPN gateway communicates with a customer gateway in an on-premises data center through a private network.

    Public network

    Protocol Type

    The value can be IPv4 or IPv6.

    IPv4

    Associate With

    The options include VPC and Enterprise Router

    • VPC: Through a VPC, the VPN gateway sends messages to the customer gateway or servers in the local subnet. When AZ is set to HomeZones, Associate With can only be set to VPC.
    • Enterprise Router: Through an enterprise router, the VPN gateway sends messages to the customer gateway or servers in the subnets of all VPCs connected to the enterprise router.

    VPC

    VPC

    Select the VPC that needs to access the on-premises data center.

    vpc-001(192.168.0.0/16)

    Interconnection Subnet

    This subnet is used for communication between the VPN gateway and VPC. Ensure that the selected interconnection subnet has four or more assignable IP addresses.

    192.168.2.0/24

    Local Subnet

    Specify the VPC subnet that needs to access the on-premises data center.

    You can manually enter a CIDR block or select a subnet from the drop-down list box.

    192.168.0.0/24

    Specification

    Select Professional 1 and deselect Access via a non-fixed IP address.

    Professional 1

    HA Mode

    Select Active-active.

    Active-active

    Active EIP

    You can buy a new EIP or use an existing EIP.

    11.xx.xx.11

    Active EIP 2

    11.xx.xx.12

Verification

Check the created VPN gateway on the VPN Gateways page. The initial state of the VPN gateway is Creating. When the VPN gateway state changes to Normal, the VPN gateway is successfully created.