Help Center/ Virtual Private Cloud/ User Guide (Paris Regions) / FAQ/ Connectivity/ How Do I Handle a VPN or Direct Connect Connection Network Failure?
Updated on 2024-03-05 GMT+08:00

How Do I Handle a VPN or Direct Connect Connection Network Failure?

VPN Network

Figure 1 shows your network, the customer gateway, the VPN, and the VPC.

Figure 1 VPN network

Customer Self-Check Guidance

  1. Provide your network information.

    Obtain information listed in Table 1. This table lists example values. You can determine the actual values based on the example values. You must obtain all actual values of your project.

    You can print this table and fill in your values.

    Table 1 Network information

    Item

    Description

    Example

    Value

    VPC CIDR block

    Required for customer gateway configuration

    Example: 10.0.0.0/16

    N/A

    VPC ID

    N/A

    N/A

    N/A

    CIDR block of subnet 1 (can be the same as the VPC CIDR block)

    N/A

    Example: 10.0.1.0/24

    N/A

    ECS ID

    N/A

    N/A

    N/A

    Customer gateway type (for example, Cisco)

    N/A

    N/A

    N/A

    Public IP address used by the customer gateway

    N/A

    The value must be static.

    N/A

  2. Provide your gateway configuration information.

    You can check the gateway connectivity issues based on the following steps:

    You must take the IKE, IPsec, ACL rules, and route selection into consideration. You can rectify the failure in any desired sequence. However, it is recommended that you check for the failure in the following sequence: IKE, IPsec, ACL rules, and route selection.

    1. Obtain the IKE policy used by your gateway device.
    2. Obtain the IPsec policy used by your gateway device.
    3. Obtain the ACL rule used by your gateway device.
    4. Check whether your gateway device can communicate with the gateway devices on the cloud.

    The commands used on different gateway devices are different. You can run the commands based on your gateway device (such as Cisco, H3C, AR, or Fortinet device) to obtain the preceding required information.

O&M Operations That Require Assistance

You must send communication requests from the ECSs to the remote device.

Method:

Log in to an ECS and ping an IP address in your on-premises data center.