VPC Site to Site VPN
Overview of Site to Site VPN
Site to Site (S2S) VPN is a way to extend your corporate network into your Cloud Platform and vice versa.
With S2S VPN you'll be able to reach your isolated servers by their internal ip address without having to port forward,
this is great for cases where you don't want to expose your services to others.
Cloud Portal Configuration
Create VPN Customer Gateway
A VPN Customer Gateway is the configuration of the VPN connection details.
To set up a new VPN Customer Gateway Connection do this:
In the Cloud Portal, open the 'EVRY Public Cloud' under 'My Services'.
From there, go to 'VPN Customer Gateway', that should give you an overview like this:
Press the 'Add New' button to create a new VPN Gateway.
In the 'Add VPN Customer Gateway' window, fill in all relevant options
'Name' should be an unique descriptive name, e.g. 'Connection to Head Quarters'
'Gateway IP' is the IP to the VPN gateway on your end
'CIDR List' is the list of CIDRs your VPN gateway exposes. this has to be equal on both ends
'IPSec Preshared Key' is the preshard key you want to use for this connection. this has to be equal on both ends
Phase 1 / 2 encryption values should be set to the same as your VPN gateway. this has to be equal on both ends
'Dead Peer detection' should be set to the same as your VPN gateway.
At last you have to accept the 'Terms and Conditions' and press 'Confirm'
Example:
-
Create VPN Connection
In the 'EVRY Public Cloud' services menu, go to 'VPCs'
Choose the right VPC and press the 'VPN Connections' tab
-
Click on 'Add VPN Connection'
Choose the correct 'VPN Customer Gateway'
Accept to the terms and conditions
Press 'Confirm'
-
If everything is sucecssfull you should see a message like this:
-
Troubleshooting
Site to Site VPN is extremely picky that all configurations are equal on both ends.
Troubleshooting tips:
Network equipment configuration
Cisco
Checkpoint
Juniper
OpenVPN