We help our clients to make business convenient, and safe storage and exchange of information. Therefore, we quickly respond to requests with which users of our virtual servers contact support, and prepare clear instructions for solving important problems.
Earlier we wrote about how to set up a client-to-site VPN , and in this post we will show you how to set up a site-to-site VPN in the cloud.
Site-to-site VPN is a type of connection in which two routers are combined into one local network. The connection takes place through an encrypted tunnel, provides secure storage of information and eliminates a number of problems that may arise when connecting to a remote desktop.
The VPN connection is operated by a router. It also acts as a gateway for the local network to which computers are connected. Therefore, nothing changes in the way your computers work. You continue to work in the same mode.
Site-to-site VPN connection diagram: support analyst job description
Site-to-site
It's simple. Read each paragraph carefully, follow the step-by-step steps and you will succeed.
To establish a tunnel, the type of IPsec connection is used, which must be supported by the router.
Step 1. In the server control panel, go to the Network tab , select Select view - VPC and click the Add VPC button.
Step 2. Fill in the required fields in the window that appears and wait 1-3 minutes. the system will process the request and create a VPC.
Please note that the CIDR for the intended network must be different from the CIDR of the local network or some other local network within the Apache CloudStack account.
CIDR is limited to addresses intended for building a private network. That is, use addresses from the rfc1918 network, namely:
10.0.0.0 - 10.255.255.255 (10/8 prefix)
172.16.0.0 - 172.31.255.255 (172.16 / 12 prefix)
192.168.0.0 - 192.168.255.255 (192.168 / 16 prefix)
Step 3. After completing all operations, you will see the VPC in the panel. Click Configure here .
Step 4. Fill in the fields:
Please note that Gateway and Netmask must be part of the CIDR specified in step 2.
Step 5. In the Router section, select Site-to-site VPNs and click Yes . This confirms your desire to create this particular type of VPN:
Step 6. Upon successful creation of Site-to-site VPNs, you will see the following window:
Step 7. Return to the Network tab , select Select view - VPN Customer Gateway and click Add VPN Customer Gateway :
Step 8. Fill in all the required fields:
Please note that the CIDR must be part of the local network of the remote office, and the Gateway must be the external address assigned by your ISP.
Important: the settings of all parameters must be coordinated with the router to which the tunnel is being built. The screenshot is just an example.
IKE and ESP encryption must be negotiated, just like keys. Also, ESP lifetime must be a multiple of 3600 (one hour).
Step 9. After completing the procedure that we described above, return to the Network tab , Select view - VPC .
Select our newly created VPC-1 , click Configure and select Site-to-site .
Here replace Select view with VPN Connection :
Step 10. Click Add VPN Connection and select the previously created VPN Customer Gateway :
Step 11. Wait 1-3 minutes for the operation to complete.
All is ready. Upon successful creation of Site-to-site, you will see a window like this:
“Connected” must be from both the cloud and the router side.
If you have any additional questions or something is not working out, please contact our support team . We help clients around the clock. You will quickly receive answers and help in solving your problems.
No comments:
Post a Comment