Solution Overview

Last updated: 2024-08-15 16:11:51
    Note:
    The VPN gateway IP address belongs to the tenant's VPC.
    Currently, only the VPC-type VPN gateway is supported. The CCN-type VPN gateway is not supported at the moment.
    The VPN does not currently support dynamic BGP.
    If you need to use a VPN, please submit a ticket for consultation.

    Scenario Description

    After private network communication has been established between the local IDC and the VPC on the cloud via a connection, the VPN gateway can establish an encrypted communication tunnel with the local gateway device over that existing private network connection. Through the relevant route configuration, you can steer the traffic that needs to flow between the local IDC and the VPC into the encrypted tunnel, so that private network traffic is encrypted in transit.
    

    Principles of Encrypted Private Network Traffic Communication

    The following example walks through how traffic is forwarded, hop by hop, when private network traffic is encrypted with the VPN.

    | Serial Number | Forwarding Object | Description |
    |---|---|---|
    | 1 | User IDC Server | The client initiates an access request, and the request message is routed to the IDC local gateway. |
    | 2 | IDC Local Gateway | The local gateway encrypts and encapsulates the request message. After encapsulation, it forwards the request message to the direct connect gateway on the cloud based on the configured route. |
    | 3 | Direct Connect Gateway | After receiving the encapsulated request message, the direct connect gateway forwards it to the VPC. |
    | 4 | VPC | After receiving the encapsulated request message, the VPC forwards the request message to the VPN gateway. |
    | 5 | VPN Gateway | 1. The VPN gateway receives the encapsulated request message and decrypts it. 2. After decrypting the request message, the VPN gateway looks up the route table based on the destination IP address in the request message, then forwards the request message to the CVM. |
    | 6 | CVM | 1. After receiving the decrypted request message, the CVM responds by sending a response message to the client. 2. The CVM queries the route table based on the destination IP address of the response message and forwards the response message to the VPN gateway. |
    | 7 | VPN Gateway | 1. After receiving the response message, the VPN gateway encrypts it. 2. Based on the destination IP address of the encrypted response message, the VPN gateway queries the route table and forwards the response message to the VPC. |
    | 8 | VPC | After receiving the encrypted response message, the VPC queries the route table and forwards the encrypted response message to the direct connect gateway. |
    | 9 | Direct Connect Gateway | After receiving the encrypted response message, the direct connect gateway queries the route table and forwards the encrypted response message to the IDC local gateway. |
    | 10 | IDC Local Gateway | 1. After receiving the response message, the IDC local gateway decrypts it. 2. The local gateway device queries the route table based on the destination IP address of the decrypted response message and forwards the response message to the server. |
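
The forwarding steps above only yield encrypted traffic if the VPC route table sends IDC-bound traffic to the VPN gateway rather than straight to the direct connect gateway. The following added example (not Tencent Cloud code; the CIDRs, next-hop labels and function names are assumptions for illustration) applies longest-prefix matching to a constructed route table and reports routes that would let protected traffic bypass the tunnel.

```python
import ipaddress

# Constructed sample VPC route table: (destination CIDR, next hop).
# CIDRs and next-hop labels are assumptions, not values from the page.
VPC_ROUTES = [
    ("10.0.0.0/16", "local"),            # the VPC's own range
    ("192.168.0.0/16", "vpn-gateway"),   # IDC range steered into the tunnel
    ("192.168.50.0/24", "dc-gateway"),   # more specific route: skips the tunnel
    ("172.16.0.1/32", "dc-gateway"),     # IDC local gateway, the tunnel peer
]


def next_hop(routes, dst_ip):
    """Resolve dst_ip by longest-prefix match; None if no route matches."""
    ip = ipaddress.ip_address(dst_ip)
    best = None
    for cidr, hop in routes:
        net = ipaddress.ip_network(cidr)
        if ip in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, hop)
    return best[1] if best else None


def tunnel_bypasses(routes, protected_cidr, tunnel_hop):
    """List (cidr, hop) entries that send part of protected_cidr elsewhere.

    Conservative: any more-specific route with another next hop is reported.
    """
    protected = ipaddress.ip_network(protected_cidr)
    parsed = [(ipaddress.ip_network(c), h) for c, h in routes]
    findings = []

    # 1. The route covering the whole protected prefix must enter the tunnel.
    covering = [(n, h) for n, h in parsed if protected.subnet_of(n)]
    if covering:
        net, hop = max(covering, key=lambda r: r[0].prefixlen)
        if hop != tunnel_hop:
            findings.append((str(net), hop))
    else:
        findings.append((protected_cidr, None))  # no route covers the prefix

    # 2. More specific routes inside the prefix win over the covering route.
    for net, hop in parsed:
        if net != protected and net.subnet_of(protected) and hop != tunnel_hop:
            findings.append((str(net), hop))
    return findings


if __name__ == "__main__":
    for cidr, hop in tunnel_bypasses(VPC_ROUTES, "192.168.0.0/16", "vpn-gateway"):
        print(f"unencrypted path: {cidr} -> {hop}")
```

The `/32` route to the tunnel peer is expected to point at the direct connect gateway, because the already-encrypted packets leave the VPC that way.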