This article provides step-by-step instructions on how to configure VPN Gateway on both Alibaba Cloud and Amazon Web Services for multi-cloud solutions.
Solutions Architect Evan Wong
Multi-cloud is one of the most sought-after architectural designs, because it combines the benefits of multiple technologies and avoids vendor lock-in. There are several options for connecting Alibaba Cloud to other cloud providers. One is to connect over the public internet through a VPN gateway. This article is a step-by-step guide to setting up a VPN Gateway (https://www.alibabacloud.com/en/product/vpn-gateway) on both Alibaba Cloud and Amazon Web Services.
The following sections provide step-by-step instructions on how to set up a VPN Gateway to establish a connection to AWS.
Before proceeding to the guide, you need the following elements:
1. Computer or laptop
2. Web browser (Google Chrome recommended)
3. Internet connection (5 Mbps recommended)
4. Alibaba Cloud account
Select your region, VPC, peak bandwidth, and billing method.
After purchase, you should see the new VPN Gateway in the console.
Please name it:
Next, create a customer gateway. Click Create Customer Gateway and enter its name and IP address.
Once created, it should appear on the console. Then go to the VPN connection page.
Provide the VPN connection name and select the correct VPN and customer gateway, local and remote networks, and pre-shared keys.
Check the connection status. The status should be "Phase 2 of IKE Tunnel Negotiation Succeeded".
After successfully establishing the VPN Gateway, the next step is to add a route entry to your VPC to allow ECS to communicate with EC2 on AWS.
Go to the VPC -> VRouters page. Click Add Route Entry.
Enter the CIDR Block from AWS, select VPN Gateway as the Next Hop Type, and select the VPN Gateway you just created.
If you check again on the VRouter info page, you should see a list of new route entries.
Go to your virtual private cloud and click Create Virtual Private Gateway.
Key in the name and click Create Virtual Private Gateway.
When you're done, attach your VPC.
Go to Customer Gateway and create a new Customer Gateway.
Enter the name of the customer gateway and the IP address of the Alibaba Cloud VPN gateway.
Select the correct VPN gateway and select the existing customer gateway you created earlier. Select the static routing option and enter the static IP prefix that is the subnet of your VPC.
Before you can grant access to your AWS EC2 instance, you need to add a route table for Alibaba Cloud to connect to AWS.
Make sure you add a similar route entry on the AWS side as well. Then create ECS and EC2 instances, or use existing instances, and run a ping test.
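The networks, route entries and gateway IP entered in the two consoles have to mirror each other, and a mismatch can leave the ping test failing even when the tunnel status looks good. The Python check below is an added example, not part of the original article or of either provider's tooling; the dictionary keys and all sample CIDR blocks and IP addresses are constructed assumptions, and it reads the "static IP prefix" on the AWS side as the Alibaba Cloud network.

```python
import ipaddress

# Constructed sample values; replace with the CIDR blocks and IPs from your consoles.
SAMPLE_PLAN = {
    "alibaba": {
        "vpc_cidr": "172.16.0.0/16",
        "vpn_gateway_ip": "203.0.113.10",        # public IP of the Alibaba Cloud VPN Gateway
        "vpn_local_network": "172.16.0.0/16",    # "local network" on the VPN connection
        "vpn_remote_network": "10.0.0.0/16",     # "remote network" on the VPN connection
        "vpn_gateway_routes": ["10.0.0.0/16"],   # route entries with next hop = VPN Gateway
    },
    "aws": {
        "vpc_cidr": "10.0.0.0/16",
        "customer_gateway_ip": "203.0.113.10",   # IP entered for the AWS customer gateway
        "static_prefixes": ["172.16.0.0/16"],    # static IP prefixes on the VPN connection
        "vgw_routes": ["172.16.0.0/16"],         # route table entries via the virtual private gateway
    },
}

def covers(routes, target):
    """True if any CIDR in routes contains the whole target network."""
    return any(target.subnet_of(ipaddress.ip_network(r)) for r in routes)

def check_vpn_plan(plan):
    """Return a list of inconsistencies between the two sides (empty = consistent)."""
    ali, aws = plan["alibaba"], plan["aws"]
    ali_vpc = ipaddress.ip_network(ali["vpc_cidr"])
    aws_vpc = ipaddress.ip_network(aws["vpc_cidr"])
    local = ipaddress.ip_network(ali["vpn_local_network"])
    remote = ipaddress.ip_network(ali["vpn_remote_network"])
    problems = []
    if ali_vpc.overlaps(aws_vpc):
        problems.append("VPC CIDR blocks overlap")
    if not local.subnet_of(ali_vpc):
        problems.append("local network is outside the Alibaba Cloud VPC")
    if not remote.subnet_of(aws_vpc):
        problems.append("remote network is outside the AWS VPC")
    if ipaddress.ip_address(aws["customer_gateway_ip"]) != ipaddress.ip_address(ali["vpn_gateway_ip"]):
        problems.append("AWS customer gateway IP is not the Alibaba Cloud VPN Gateway IP")
    if not covers(ali["vpn_gateway_routes"], remote):
        problems.append("Alibaba Cloud VPC has no route entry covering the AWS network")
    if not covers(aws["static_prefixes"], local):
        problems.append("AWS static prefixes do not cover the Alibaba Cloud network")
    if not covers(aws["vgw_routes"], local):
        problems.append("AWS route table has no entry covering the Alibaba Cloud network")
    return problems

if __name__ == "__main__":
    for problem in check_vpn_plan(SAMPLE_PLAN) or ["plan is consistent"]:
        print(problem)
```

An empty result only means the values entered on the two sides agree with each other; the tunnel status and the ping test remain the check that traffic actually flows.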
This VPN gateway solution allows customers using services on both Alibaba Cloud and AWS to securely connect between the two sites over the Internet.
1. VPN Gateway
2. Virtual Private Cloud
3. Elastic Compute Service