What Is Virtual Private Network?
Overview
Virtual Private Network (VPN) establishes secure, reliable, and cost-effective encrypted connections between your on-premises network or data center and a virtual network on Huawei Cloud.
A VPN consists of a VPN gateway, a customer gateway, and one or more VPN connections.
- A VPN gateway provides an Internet egress for a VPC to connect to a customer gateway in your on-premises data center.
- A VPN connection connects a VPN gateway to a customer gateway through encrypted tunnels, enabling communication between a VPC and your on-premises data center. This helps quickly establish a secure hybrid cloud environment.
Figure 1 shows the VPN networking.
Figure 1 VPN networking
Components
VPN gateway: is a virtual gateway of a VPN on Huawei Cloud. It establishes secure private connections with a customer gateway in your on-premises network or data center.
Customer gateway: is a resource that provides information to Huawei Cloud about your customer gateway device, which can be a physical device or software application in your on-premises data center.
VPN connection: is a secure channel between a VPN gateway and a customer gateway. VPN connections use the Internet Key Exchange (IKE) and Internet Protocol Security (IPsec) protocols to encrypt the transmitted data.
Accessing the VPN Service
You can access the VPN service through the web-based management console.
If you have registered an account, log in to the management console and choose Networking > Virtual Private Network to log in to the VPN console.
If you do not have an account, register one first by referring to Preparations.
Product Advantages
-
High Data Security
Data is encrypted using IKE and IPsec for secure and reliable transmission.
Data is encrypted using IKE and IPsec for secure and reliable transmission.
-
High Availability
Active-active gateways can be deployed and dynamic routing is supported to achieve failover in seconds.
Active-active gateways can be deployed and dynamic routing is supported to achieve failover in seconds.
-
Cost-Effectiveness
IPsec encrypted connections over the Internet provide a cost-effective alternative to Direct Connect.
IPsec encrypted connections over the Internet provide a cost-effective alternative to Direct Connect.
-
Easy to Use
A VPN connection can be created in a few simple steps and is ready to use immediately after being created.
A VPN connection can be created in a few simple steps and is ready to use immediately after being created.
Why VPN on Huawei Cloud?
Secure, Reliable, Elastic, and Flexible
- Secure and reliable IPsec connections between your local data center and your VPC on the cloud to ensure the security and reliability of the hybrid cloud architecture
- Active-active gateway deployment, guaranteeing an SLA of 99.95% reliability
- Multiple gateway specifications, allowing for elastic and flexible scaling requirements of applications and services
Active-Active Gateways, High Bandwidth, and Multiple Connections
- Support for active-active gateways in different AZs, delivering AZ-level high availability
- Support for policy-based routing, static routing, and dynamic routing for your selection
- Bandwidths and VPN connections can be flexibly combined based on your service requirements.
Backup Between VPN and Direct Connect
- You can use a VPN link to back up a Direct Connect link. Traffic is automatically switched to the VPN link if there is a Direct Connect link failure.
- Automatic convergence of dynamic routes, achieving failover in seconds and thereby ensuring service continuity.
Easy to Use and Manage
- You can purchase VPN gateways on demand. The VPN gateways are billed on a yearly/monthly or pay-per-use basis and take effect immediately upon provisioning.
- An intuitive UI makes it easy for you to configure and manage your VPN connections.
- You can connect your local data center to the cloud with a simple configuration on your VPN device.
