No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search


To have a better experience, please upgrade your IE browser.


FusionCloud 6.3.0 Solution Description 05

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).


The Internet Protocol Security (IPsec) VPN is an encrypted tunneling technology that uses encrypted security services to establish confidential and secure communications tunnels between different networks.

In the example shown in Figure 11-1, you have created a VPC that has two subnets, and, on the cloud. You also have two subnets, and, on your router deployed in your data center. In this case, you can create an IPsec VPN to enable communication between subnets in your VPC and those in your physical data center.

Currently, the site-to-site VPN and hub-spoke VPN are supported. You need to set up VPNs in both your physical data center and the VPC to establish the VPN connection.

You must ensure that the VPN in your VPC and that in your data center use the same IKE and IPsec policy configurations. Before creating a VPN, familiarize yourself with the protocols described in Table 11-1 and ensure that your device meets the requirements and configuration constraints of the involved protocols.

Table 11-1 Involved protocols




RFC 2409

Defines the IKE protocol, which negotiates and verifies key information to safeguard VPN connections.

  • Use the PSK to reach an IKE peer agreement.
  • Use the main mode to perform the negotiation.

RFC 4301

Defines the IPsec architecture, the security services that IPsec offers, and the collaboration between components.

Set up a VPN connection using the IPsec tunnel.

Figure 11-1 IPSec VPN
Updated: 2019-04-23

Document ID: EDOC1100026685

Views: 152023

Downloads: 262

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Previous Next