Operation

Scenario

Typical networking shows the typical networking for connecting a Huawei Cloud VPN gateway to a Tencent Cloud VPN gateway using static routes.

Figure 1 Typical networking diagram
Click to enlarge

In this scenario, the Tencent Cloud VPN gateway supports only the single-IP address solution. The active-active mode is recommended for the Huawei Cloud VPN gateway. Create a VPN connection between the active EIP, active EIP2, and the IP address of the Tencent Cloud VPN gateway.

Data Plan

**Table 1** Data plan
Category	Item	Tencent Cloud Example Value	Example Value for the Huawei Cloud Side
VPC	Subnet	172.16.0.0/24	192.168.0.0/24
VPN gateway	Gateway IP address	1.1.1.1	Active EIP: 1.1.1.2 Active EIP 2: 2.2.2.2
VPN gateway	Interconnection subnet	-	192.168.2.0/24
VPN connection	Tunnel interface addresses under Connection 1's Configuration	Local tunnel interface address: 169.254.70.1/30 Customer tunnel interface address: 169.254.70.2/30
	Tunnel interface addresses under Connection 2's Configuration	Local tunnel interface address: 169.254.71.1/30 Customer tunnel interface address: 169.254.71.2/30
	IKE policy	Version: v2 Authentication algorithm: SHA2-256 Encryption Algorithm: AES-128 DH algorithm: Group 14 Local ID: IP address Peer ID: IP address
	IPsec policy	Authentication algorithm: SHA2-256 Encryption Algorithm: AES-128 PFS: DH group 14 DPD timeout period: 45s The default DPD timeout period at the Huawei Cloud side is 45 seconds, which cannot be configured.