tencent cloud

VPN Connections

Release Notes and Announcements

Jul. 29, 2021 - Authentication Upgrade for VPN-related APIs

Apr. 6, 2022 - SSL VPN Commercialized

Product Introduction

Application Scenarios

Related products

Purchase Guide

Billing Overview

Purchase Methods

Expiration Notifications

Getting Started

IPSec VPN

Establishing a Connection Between VPC and IDC (SPD policy)

Step 1: Create a VPN Gateway

Step 2: Create a Customer Gateway

Step 3: Create a VPN Tunnel

Step 4: Load the Configuration of the Local Gateway

Step 5: Configure a Routing Table

Step 6: Activate a VPN Tunnel

Connecting VPC to IDC (Destination route)

Step 1: Create a VPN Gateway

Step 2: Create a Customer Gateway

Step 3: Create a VPN Tunnel

Step 4: Configure a Local Gateway

Step 5: Configure a Routing Policy

Step 6: Activate a VPN Tunnel

Connecting VPC to IDC (Dynamic BGP)

Step 1: Create a CCN VPN Gateway

Step 2: Create a Customer Gateway

Step 3: Create a VPN Tunnel

Step 4: Configure a Local Gateway

Step 6: Activate a VPN Tunnel

SSL VPN

Connecting the Mobile Client to VPC

Step 1: Create an SSL VPN Gateway

Step 2: Create an SSL VPN Server

Step 3: Create an SSL VPN Client

Step 4: Configure the Tencent Cloud Routing Policy

Step 5: Configure the Mobile Client

Step 6: Test the Connection

Operation Guide

VPN Gateway

IPSec VPN Gateway

Creating a IPSec VPN Gateway

Configuring The Routing Policies From The Tencent Cloud To User

Associating a CCN Instance

Publishing IDC IP Ranges to CCN

Modifying IPSec VPN Gateways

Deleting IPSec VPN Gateway

Viewing IPSec VPN Gateway

SSL VPN Gateway

Creating an SSL VPN Gateway

Associating a CCN Instance

Modifying SSL VPN Gateways

Deleting SSL VPN Gateways

Viewing SSL VPN Gateways

VPN Tunnel

Creating a VPN Tunnel

Viewing VPN Tunnels

Configuring Health Checks

Generate Peer End Configuration

Viewing Tunnel Logs

Modifying VPN Tunnel

Deleting VPN Tunnel

Customer Gateway

Creating Customer Gateways

Viewing Customer Gateways

Modifying Customer Gateways

Deleting Customer Gateways

SSL VPN Server

Creating the SSL VPN Server

Viewing the SSL VPN Server

Deleting the SSL VPN Server

Export SSL server list

SSO Authentication

Enabling Access Control

Disabling Access Control

Configuring Access Control Policy

SSL VPN Client

Creating SSL VPN Client

Viewing SSL VPN Client

Deleting SSL VPN Client

Downloading SSL VPN Client Configuration

Managing SSL VPN Client Certificate

Binding an Anti-DDoS Instance

Alarming and Monitoring

Viewing Monitoring Data

SSL VPN Configuration Guide

SSL VPN Configuration Guide

IPSec VPN Configuration Guide

IPSec VPN Configuration Guidelines

Operations Overview

Practical Tutorial

IPsec VPN

Connect via Direct Connect or VPN Connection to Interconnect the Primary and Replica Links for Redundant Communication (Auto-Switch)

Hybrid Cloud Primary/Secondary Communication (DC and VPN)

Connecting IDC to CCN

Local Gateway Configurations

Configuring a Cisco Firewall

Connecting IDC to a Single Tencent Cloud VPC for Primary/Secondary Disaster Recovery

Dedicated Private Network Traffic Encrypted Via a Private Network VPN Gateway

Solution Overview

Dedicated Private Network Traffic Encrypted Via a Private Network VPN Gateway

Establishing a VPN Connection between Tencent Cloud and Azure China

Establishing Connection Between IDC and Cloud Resources (Dynamic BGP)

SSL VPN

Connecting Client to VPC

SSL VPN Access Control Guide（okta）

API Documentation

FAQs

About IPsec gateways

Troubleshooting

VPN Tunnel Unconnected

VPN Tunnel Connected Yet Private Network Unconnected

IPSec VPN Error Description for Negotiation Failure

Service Agreement

Service Level Agreement

DocumentationVPN ConnectionsOperation Guide IPSec VPN Configuration GuideIPSec VPN Configuration Guidelines

IPSec VPN Configuration Guidelines

Last updated: 2024-01-09 14:29:29

IPSec VPN Configuration Guidelines

Last updated: 2024-01-09 14:29:29

Prerequisite
The local private IP range and the Tencent Cloud VPC cannot overlap.
Configuration
1. ﻿Create an IPSec VPN gateway
Create a VPN gateway using the IPSec protocol.
2. Create a customer gateway
Specify the Tencent Cloud IP range and the client IP range to connect in the SSL VPN server.
3. ﻿Create a VPN tunnel
The client uses certificate and key to connect with the VPN gateway. The client and the server verify their certificates bidirectionally. After verification, the server assigns an IP from the client IP address pool to the client for connecting with CVM in VPC.
4. Configure a local gateway.
Complete the gateway configuration at the client side.
Note: 
 Tencent IPSec VPN supports the mainstream client gateway (firewall) in the industry. See Local Gateway Configurations.
5. ﻿Configure a route within VPC.
Configure the routing and forwarding policies for the IDC to connect with Tencent Cloud VPC. Set the the IP range of the opposite network as the destination address, and VPN tunnel or CCN as the next hop type.
VPN tunnel: select an existing VPN tunnel
CCN: the CCN instance associated with the VPN gateway is displayed here
6. Test the connectivity 
Use ping to verify the connectivity of IPSec VPN connection after the above configurations.

Was this page helpful?

You can also Contact Sales or Submit a Ticket for help.

Yes

No

Contact Us

Contact our sales team or business advisors to help your business.

Technical Support

Open a ticket if you're looking for further assistance. Our Ticket is 7x24 avaliable.

7x24 Phone Support