No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

FusionCloud 6.3.1.1 Solution Description 04

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
IPsec VPN

IPsec VPN

The IPsec VPN is an encrypted tunneling technology that uses encrypted security services to establish confidential and secure communications tunnels between different networks.

In the example shown in Figure 12-1, you have created a VPC that has two subnets, 192.168.1.0/24 and 192.168.2.0/24, on the cloud. You also have two subnets, 192.168.3.0/24 and 192.168.4.0/24, on your router deployed in your data center. In this case, you can create an IPsec VPN to enable communication between subnets in your VPC and those in your physical data center.

Currently, the site-to-site VPN and hub-spoke VPN are supported. You need to set up VPNs in both your physical data center and the VPC to establish the VPN connection.

You must ensure that the VPN in your VPC and that in your data center use the same IKE and IPsec policy configurations. Before creating a VPN, familiarize yourself with the protocols described in Table 12-1 and ensure that your device meets the requirements and configuration constraints of the involved protocols.

Table 12-1 Involved protocols

Parameter

Description

Limitations

RFC 2409

Defines the IKE protocol, which negotiates and verifies key information to safeguard VPN connections.

  • Use the PSK to reach an IKE peer agreement.
  • Use the main mode to perform the negotiation.

RFC 4301

Defines the IPsec architecture, the security services that IPsec offers, and the collaboration between components.

Set up a VPN connection using the IPsec tunnel.

Figure 12-1 IPsec VPN
Translation
Download
Updated: 2019-10-23

Document ID: EDOC1100063247

Views: 64945

Downloads: 182

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next