- Release Notes and Announcements
- Product Introduction
- Purchase Guide
- Getting Started
- Operation Guide
- Practical Tutorial
- IPsec VPN
- Connect via Direct Connect or VPN Connection to Interconnect the Primary and Replica Links for Redundant Communication (Auto-Switch)
- Hybrid Cloud Primary/Secondary Communication (DC and VPN)
- Connecting IDC to CCN
- Local Gateway Configurations
- Connecting IDC to a Single Tencent Cloud VPC for Primary/Secondary Disaster Recovery
- Dedicated Private Network Traffic Encrypted Via a Private Network VPN Gateway
- Establishing a VPN Connection between Tencent Cloud and Azure China
- Establishing Connection Between IDC and Cloud Resources (Dynamic BGP)
- SSL VPN
- IPsec VPN
- API Documentation
- FAQs
- Troubleshooting
- Service Agreement
- Contact Us
- Glossary
- Release Notes and Announcements
- Product Introduction
- Purchase Guide
- Getting Started
- Operation Guide
- Practical Tutorial
- IPsec VPN
- Connect via Direct Connect or VPN Connection to Interconnect the Primary and Replica Links for Redundant Communication (Auto-Switch)
- Hybrid Cloud Primary/Secondary Communication (DC and VPN)
- Connecting IDC to CCN
- Local Gateway Configurations
- Connecting IDC to a Single Tencent Cloud VPC for Primary/Secondary Disaster Recovery
- Dedicated Private Network Traffic Encrypted Via a Private Network VPN Gateway
- Establishing a VPN Connection between Tencent Cloud and Azure China
- Establishing Connection Between IDC and Cloud Resources (Dynamic BGP)
- SSL VPN
- IPsec VPN
- API Documentation
- FAQs
- Troubleshooting
- Service Agreement
- Contact Us
- Glossary
Prerequisite
The local private IP range and the Tencent Cloud VPC cannot overlap.
Configuration
1. Create an IPSec VPN gateway
Create a VPN gateway using the IPSec protocol.
2. Create a customer gateway
Specify the Tencent Cloud IP range and the client IP range to connect in the SSL VPN server.
3. Create a VPN tunnel
The client uses certificate and key to connect with the VPN gateway. The client and the server verify their certificates bidirectionally. After verification, the server assigns an IP from the client IP address pool to the client for connecting with CVM in VPC.
4. Configure a local gateway.
Complete the gateway configuration at the client side.
Note:
Tencent IPSec VPN supports the mainstream client gateway (firewall) in the industry. See Local Gateway Configurations.
5. Configure a route within VPC.
Configure the routing and forwarding policies for the IDC to connect with Tencent Cloud VPC. Set the the IP range of the opposite network as the destination address, and VPN tunnel or CCN as the next hop type.
VPN tunnel: select an existing VPN tunnel
CCN: the CCN instance associated with the VPN gateway is displayed here
6. Test the connectivity
Use
ping to verify the connectivity of IPSec VPN connection after the above configurations.
Yes
No
Was this page helpful?