By Evan Wong, Solutions Architect

Multi-cloud is one of the most sought-after architecture designs: it combines the technology capabilities of multiple providers and avoids vendor lock-in. There are a few options for connecting Alibaba Cloud to other cloud providers. One method is to connect via the VPN Gateway through the public internet. This lab is a step-by-step guide to setting up the VPN Gateway on both Alibaba Cloud and Amazon Web Services.

The following lab provides step-by-step instructions for setting up a VPN Gateway to establish the connection to Amazon Web Services.

Prerequisites

Before going through the step-by-step guide, you should have:

A decent computer or laptop
A web browser; Google Chrome is recommended
An internet connection; 5 Mbps is suggested
An Alibaba Cloud account

Step 1: Create VPN Gateway on Alibaba Cloud

Choose the region, VPC, peak bandwidth and billing method.

After the purchase, you should be able to see the new VPN Gateway on the console.

Give it a name:

Create Customer Gateway

Next, create a customer gateway. Click Create Customer Gateway, then enter the name and IP address.

After it has been created, it should appear on the console. Next, navigate to the VPN connection page.

Create VPN Connection

Provide the VPN connection name, choose the correct VPN Gateway and Customer Gateway, and enter the local and remote networks as well as the pre-shared key.

Check the connection status. The status should state “Phase 2 of IKE Tunnel Negotiation Succeeded”.

Add Route Entry

After the VPN Gateway has been established successfully, the next step is to add a route entry to the VPC so that the ECS instance can communicate with the EC2 instance in AWS.

Navigate to the VPC -> VRouters page. Click Add Route Entry.

Enter the CIDR block from AWS, choose VPN Gateway as the Next Hop Type, and select the VPN Gateway that was created a moment ago.

Check the VRouter information page again; the new route entry should appear on the list.

Step 2: Create VPN Gateway on Amazon Web Services

Navigate to Virtual Private Cloud, and click Create Virtual Private Gateway.

Key in a name and click Create Virtual Private Gateway.

After it has been created, attach a VPC.

Create Customer Gateway on Amazon Web Services

Navigate to Customer Gateway and create a new Customer Gateway.

Enter a name for the customer gateway and enter the IP address of the Alibaba Cloud VPN Gateway.

Create VPN Connection on Amazon Web Services

Choose the correct VPN Gateway and the existing Customer Gateway that was created earlier. Select the static routing option and enter a static IP prefix, which is the subnet of the VPC.

Add a Route Table on Amazon Web Services

Before you allow access to the AWS EC2 instances, the route table needs to be added in order for Alibaba Cloud to connect to AWS.

Step 3: Test Connectivity

Make sure that a similar route entry has been added on the AWS side as well. Next, create ECS and EC2 instances, or use existing ones, to do a ping test.
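
A preflight check for the values entered in the steps above, as an added example that is not part of the original lab: it verifies that the two VPC CIDR blocks do not overlap, that each side's remote network and route entry point at the peer VPC, and that both sides use the same randomly generated pre-shared key. The CIDR blocks, the dictionary layout, the letters-and-digits key alphabet and the 20-character minimum are assumptions for illustration.

```python
import ipaddress
import secrets
import string


def generate_psk(length=32):
    """Random pre-shared key from letters and digits (alphabet is an assumption)."""
    alphabet = string.ascii_letters + string.digits
    return "".join(secrets.choice(alphabet) for _ in range(length))


def check_plan(plan):
    """Return a list of problems in a two-sided VPN plan; an empty list means consistent."""
    net = ipaddress.ip_network
    a, b = plan["alibaba"], plan["aws"]
    problems = []
    # Overlapping VPC ranges make traffic for the peer match the local route instead.
    if net(a["vpc_cidr"]).overlaps(net(b["vpc_cidr"])):
        problems.append("VPC CIDRs overlap")
    for name, side, peer in (("alibaba", a, b), ("aws", b, a)):
        remote, peer_vpc = net(side["remote_network"]), net(peer["vpc_cidr"])
        # The remote network on the VPN connection must lie inside the peer VPC.
        if not remote.subnet_of(peer_vpc):
            problems.append(f"{name}: remote network {remote} is not inside peer VPC {peer_vpc}")
        # The route entry pointing at the VPN gateway must cover that remote network.
        if not remote.subnet_of(net(side["route_dest"])):
            problems.append(f"{name}: route entry {side['route_dest']} does not cover {remote}")
    if a["psk"] != b["psk"]:
        problems.append("pre-shared keys differ between the two sides")
    if len(a["psk"]) < 20:  # assumed minimum length, not a provider requirement
        problems.append("pre-shared key shorter than 20 characters")
    return problems


# Constructed sample plan; replace with the values entered in each console.
SAMPLE_PSK = generate_psk()
SAMPLE_PLAN = {
    "alibaba": {"vpc_cidr": "192.168.0.0/16", "remote_network": "10.0.0.0/16",
                "route_dest": "10.0.0.0/16", "psk": SAMPLE_PSK},
    "aws": {"vpc_cidr": "10.0.0.0/16", "remote_network": "192.168.0.0/16",
            "route_dest": "192.168.0.0/16", "psk": SAMPLE_PSK},
}

if __name__ == "__main__":
    for line in check_plan(SAMPLE_PLAN) or ["plan is consistent"]:
        print(line)
```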

Conclusion

This VPN Gateway solution gives customers who consume services in both Alibaba Cloud and AWS secure connectivity between both sites over the internet.

Related Products

VPN Gateway
Virtual Private Cloud
Elastic Compute Service
