How to set up a site-to-site VPN in the cloud

Home
Blog
Instructions
How to set up a site-to-site VPN in the cloud

Categories

19 December 2017

We help our clients to make their business convenient, and information storage and exchange secure. Therefore, we quickly respond to requests that users of our virtual servers make to our support service, and prepare clear instructions for solving important tasks.

Previously, we wrote about how to set up a client-to-site VPN, and in this post, we will tell you how to set up a site-to-site VPN in the cloud.

Site-to-site VPN is a type of connection in which two routers are combined into one local network. The connection goes through an encrypted tunnel, provides secure storage of information, and eliminates a number of problems that may occur when connecting to a remote desktop.

The router provides a VPN connection. It also serves as a gateway for a local network that computers are connected to. Therefore, nothing changes in the operation of your computers. You continue to work in the same mode.

Site-to-site VPN connection scheme:

It's simple. Carefully read each step, follow the instruction, and you everything will go well.

To create a tunnel, an IPsec connection type is used, which must be supported by a router.

Step 1. In the server administration panel, go to the Network tab, choose Select view — VPC, and then click the Add VPC button.

Step 2. Fill in the required fields in the window that has appeared and wait for 1-3 minutes. The system will process the request and create VPC.

Note that CIDR for the intended network must be different from the local network CIDR or any other local network within the Apache CloudStack account.

CIDR is limited to addresses intended for building a private network. In other words, use addresses from the rfc1918-network, namely:

10.0.0.0 — 10.255.255.255 (10/8 prefix)
172.16.0.0 — 172.31.255.255 (172.16/12 prefix)
192.168.0.0 — 192.168.255.255 (192.168/16 prefix)

Step 3. After all operations are completed, you will see VPC in the panel. Click Configure here.

Step 4. Fill in the fields:

Note that Gateway and Netmask must be part of CIDR specified in Step 2.

Step 5. in the Router block, select Site-to-site VPNs, and click Yes. This confirms your desire to create this type of VPN:

Step 6. After successful creation of Site-to-site VPNs, you will see the following window:

Step 7. Go back to the Network tab, choose Select view — VPN Customer Gateway, and click Add VPN Customer Gateway:

Step 8. Fill in all the required fields:

Please note that CIDR must be part of the local network of the remote office, and the Gateway must be an external address that is assigned by your provider.

Important: the settings for all parameters must be matched with the router to which the tunnel is being built. The screenshot shows only an example.

IKE and ESP encryption must be matched, as well as the keys. Also, the ESP lifetime must be multiple of 3600 (one hour).

Step 9. After completion of the procedure that we have described above, go back to the Network tab, Select view — VPC.

Select our newly created VPC-1, click Configure, and select Site-to-site.

Here replace Select view with VPN Connection:

Step 10. Click Add VPN Connection and select the previously created VPN Customer Gateway:

Step 11. Wait 1-3 minutes for the operation completion.

Everything is ready. After successful creation of Site-to-site, you will see the following window:

«Connected» must be on both the cloud side and the router side.

If you have any additional questions or something is not working, please contact our support team. We help our clients round-the-clock. You will quickly get answers and help in solving your tasks.

Share:

12 May 2020

Virtual router: what it is and what it is for

A virtual router is a small virtual machine with special software. Its purpose is routing between a virtual private network (VPN) and the Internet. Actually, the virtual router provides the operation of this VPN connection.

17 December 2019

How to configure port forwarding to the server located in a private network

We share useful information for users of virtual machines. Our clients often contact Tucha technical support service with a question about how to configure port forwarding to the server located in a private network...

18 July 2017

How to set up a client-to-site VPN in the cloud

Safety is paramount. Configuring a secure connection to servers via VPN (Virtual Private Network) is one of the most popular tasks assigned to us by our clients. In fact, everything is very simple, and you can easily cope with it independently.

31 October 2017

Using MySQL-Tuner to perfect MySQL server

Manual configuring of MySQL is a complex and non-trivial task, only experienced specialists can do it. For others, including novice webmasters, there is a simple and highly effective solution – the MySQLTuner utility, which will find problem areas in the MySQL database configuration and provide solutions to the identified problems.

23 May 2017

How to forward a local disk to a terminal server from a Windows system

If we are talking about the infrequent transfer of small files, it makes sense to simply forward the local disk to the remote server. To do this, you need to follow three steps.

Other Articles

14 July 2023

How to block access or delete a user on a virtual server

Our customers ask Tucha technical support this question from time to time. The need to block access to a specific user working on a virtual server based on Windows, or delete their account, may arise for various reasons. For example, if a specialist completes work on a project or a full-time employee is dismissed from a company. In this guide, we will show you how to block or delete it in just a few steps.

09 February 2023

How to work with Ping Tracer — a utility for finding a loss of connection with the server

To find out on whose side the error is and how to proceed, we recommend tracing the route and ping intermediate nodes. Special tools will help you do this in just a few simple steps. In the article, we will look at the most simple and convenient, in our opinion, utility for finding a loss of connection with the server — Ping Tracer.

06 February 2023

How to work with the DirectAdmin web hosting control panel. A step-by-step guide

In the previous article about the DirectAdmin web hosting control panel, we gave a general overview of the system and its purpose. Now let us focus in more detail on the functions of the software product and the algorithm of actions that the user usually needs to do when working with the panel.

29 August 2022

DirectAdmin web hosting control panel: functions and features of operation

In this post, we would like to take a look at DirectAdmin, an open API system from Canadian developers JBMC Software. We will tell and visually show the main functions of the panel and how to work with it. So, we hope that those customers who have not yet dared to get rid of another russian software product, after reading this material, will have the opportunity to make sure that DirectAdmin is a worthy alternative to the tools they are currently using.

15 December 2020

How to connect to a remote desktop using an RDP client with Windows

Connecting to a remote desktop is one of the most frequent requests when it comes to remote work organization. We give you a clear step-by-step guide on how to connect to a remote desktop using the RDP client, which is installed on all Windows operating systems from version XP and higher.