База знаний Cloupard
×

4.5.6 VPN management in the Elastic Cloud KVM networks

 
VPN connection service is used to ensure network connectivity of the resources and services that are connected to the cloud network of Elastic Cloud KVM and network resources in another location (for example, in office, another cloud, etc.) 
We use site-to-site VPN technology, for which it is possible to create IPsec VPN connection under the IKEv2 protocol.
1. VPN connection creation and management. 
  • The «Virtualnetworks» section is destined for creating VPN connections for a specific network; 
  • The "VPN connections" section is destined for managing already created VPNs. 
2. Preparation for creating a VPN connection.
 To create a VPN connection for a KVM virtual network that needs to be connected to an external network, it is necessary to assign an external IP address.
  • If a network is already created, click "Add external IP";
     
When creating a new network choose the "Public IP" switch.
 
3. Creating a VPN connection.
  •  Creating a VPN connection is possible in the section KVM → Virtual networks via the VPN button, which can be activated after connecting an external IP address to a virtual network; 
 
  • On the «Add VPN» page you can find IP address of a VPN gateway and a network address. These parameters will be required when setting up a VPN connection on the external network side.
 
4. Setting up a VPN connection.
 When creating a VPN connection via the «Add» button it is necessary to choose the available IPsec encryption options, the VPN gateway address on the connected external network side and an encryption key and add a network address(es) behind the external VPN gateway, to which the traffic will be delivered from the cloud network. There can be multiple networks behind a VPN gateway. Specify those of them, in which it is required to provide routing. When setting up an external VPN gateway you should also specify the address of the connected virtual network on the side of the provider to ensure routing.
The key and all parameters encryption options should match on both sides of the VPN connection.
 
 
5. Checking status of a VPN connection.
 With the correct VPN gateway customization on both sides, the connection will switch to the status «Connected» on the page with the list of the VPN connections.
 
6. Managing created VPNs.
  • Managing created VPNs is possible in the general section «VPN connections»;