By Evan Wong, Solutions Architect
Multi-cloud is one of the most sought-after architecture design that bridges the benefits of having multiple technology capabilities of the providers and to avoid vendor lock-in. To be able to connect to the various cloud providers with Alibaba Cloud, there are few options. One of the method is to connect via the VPN gateway through the public internet. This lab focuses on the step by step guide on setup the VPN Gateway on both Alibaba Cloud and Amazon Web Services.
The following lab provides the steps by steps on how to setup VPN Gateway to establish the connection to AWS.
Before going through the step-by-step guide, you should have:
Choose the region, VPC, peak bandwidth and billing method.
After the purchase, you should be able to see the new VPN Gateway on the console.
Give it a name:
Next, create a customer gateway. Click on the Create Customer Gateway, enter the name and IP address.
After it has created, it should appear on the console. Next navigate to the VPN connection page.
Provide the VPN connection name, choose the correct VPN and Customer Gateway, the local and remote network, as well as the pre-shared key.
Check the connection status. The status should state "Phase 2 of IKE Tunnel Negotiation Succeeded".
After the VPN Gateway has been established successfully, the next step is to add the route entry to the VPC in order for the ECS to be able to communicate with the EC2 in AWS.
Navigate to the VPC -> VRouters page. Click on the Add Route Entry.
Enter the CIDR Block from the AWS, choose VPN Gateway as the Next Hop Type and select the VPN Gateway that was created a moment ago.
Recheck again on the VRouter information page, the new route entry list should be appeared on the list
Navigate to Virtual Private Cloud, and click Create Virtual Private Gateway.
Key in a name and click Create Virtual Private Gateway.
After completed, attach a VPC.
Navigate to Customer Gateway and create a new Customer Gateway.
Enter a name for the customer gateway and enter the IP address of the Alibaba Cloud VPN Gateway.
Choose the correct VPN Gateway and choose the existing Customer Gateway that has been created earlier. Select static routing option and enter a static IP prefixes which is the subnet of the VPC.
Before you allow the access to the AWS EC2 instances, the route table need to be added in order for the Alibaba Cloud to connect to the AWS.
Make sure on the AWS side, the similar route entry have to be added as well. Next create ECS and EC2 or using the existing instances to do a ping test.
This VPN Gateway solution allows customer who are consuming services in both Alibaba Cloud and AWS to be able have a secure connectivity between both sites over internet.
Alibaba Clouder - December 27, 2018
Alibaba Clouder - July 12, 2021
Haemi Kim - July 12, 2021
Alibaba Clouder - February 7, 2018
Alibaba Clouder - January 11, 2021
Sabith - July 27, 2018
A key value database service that offers in-memory caching and high-speed access to applications hosted on the cloudLearn More
An online computing service that offers elastic and secure virtual cloud servers to cater all your cloud hosting needs.Learn More
An on-demand database hosting service for MySQL, SQL Server and PostgreSQL with automated monitoring, backup and disaster recovery capabilitiesLearn More
More Posts by Alibaba Clouder