VPN Gateway: Overview

Last Updated: Mar 07, 2024

SSL-VPN can be used to connect a client to a virtual private cloud (VPC) so that the client can remotely access applications and resources in the VPC in a secure manner. This topic describes how to use SSL-VPN.

Prerequisites

Before you use SSL-VPN to connect a client to a VPC, make sure that the following requirements are met:

  • The private CIDR block of the client does not overlap with the private CIDR block of the VPC. Otherwise, the client and the VPC cannot communicate with each other.

  • The client can access the Internet.

  • The security group rules that apply to the Elastic Compute Service (ECS) instances in the VPC allow the client to access the ECS instances. For more information, see View security group rules and Add a security group rule.
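The first prerequisite can be checked before any resources are created. The following is an added example, not part of the original documentation: it reports every pair of overlapping blocks in a set, which goes beyond the single client/VPC pair so that the CIDR blocks entered on the SSL server can be checked in the same pass. The labels and sample CIDR values are constructed for illustration.

```python
import ipaddress
from itertools import combinations

# Constructed sample values; replace with your own blocks. Labels are hypothetical.
SAMPLE_BLOCKS = {
    "client_lan": "192.168.1.0/24",       # private network the client sits on
    "vpc": "192.168.0.0/16",              # private CIDR block of the VPC
    "ssl_client_block": "10.10.0.0/24",   # CIDR block used by the client (SSL server setting)
}


def find_overlaps(blocks):
    """Return (label_a, label_b) pairs whose CIDR blocks overlap.

    blocks maps a label to a CIDR string. strict=True raises ValueError for
    entries with host bits set (for example 192.168.1.10/24), which catches
    a host address pasted where a network block was intended.
    """
    nets = {label: ipaddress.ip_network(cidr, strict=True)
            for label, cidr in blocks.items()}
    conflicts = []
    for (label_a, net_a), (label_b, net_b) in combinations(nets.items(), 2):
        # IPv4 and IPv6 blocks never overlap; compare same-version pairs only.
        if net_a.version == net_b.version and net_a.overlaps(net_b):
            conflicts.append((label_a, label_b))
    return conflicts


if __name__ == "__main__":
    found = find_overlaps(SAMPLE_BLOCKS)
    for a, b in found:
        print(f"overlap: {a} ({SAMPLE_BLOCKS[a]}) and {b} ({SAMPLE_BLOCKS[b]})")
    if not found:
        print("no overlapping CIDR blocks")
```
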

Procedure

| Step | References | Description |
| --- | --- | --- |
| 1 | Create and manage a VPN gateway | When you create a VPN gateway, you must enable the SSL-VPN feature for the VPN gateway. |
| 2 | Create and manage an SSL server | On the SSL server, specify the private CIDR block that the client needs to access and the CIDR block that is used by the client. |
| 3 | Create and manage an SSL client certificate | Create and download an SSL client certificate based on the SSL server that you create. |
| 4 | Configure the client | Download and install VPN software on the client, load the SSL client certificate, and establish an SSL-VPN connection. |
| 5 | Test the network connectivity | Open the CLI on the client, and run the ping command to access an application or a service in the VPC. |

Common scenarios

For more information about common scenarios, see Connect a client to a VPC.