To connect local branches attached to a Smart Access Gateway (SAG) device to Alibaba Cloud, you must first create a CCN instance, attach the SAG instance to the CCN instance, and then attach the CCN instance to the CEN instance.

Procedure

  1. Log on to the Smart Access Gateway console.
  2. In the left-side navigation pane, click CCN.
  3. Click Create CCN Instance.
  4. On the Create CCN Instance page, configure the CCN instance according to the configuration items described in the following table.
    Parameter Description
    Name The name of the CCN instance.

    It must be 2 to 128 characters in length and can contain letters, numbers, underscores (_), and hyphens (-). It must begin with a letter.

    Description The description of the CCN instance.

    It must be 2 to 128 characters in length and can contain letters, numbers, underscores (_), and hyphens (-). It must begin with a letter.

    Private CIDR Block The private CIDR blocks used by the CCN instance to access Alibaba Cloud. Click Add Private CIDR Block to add more. You can add up to five CIDR blocks.
    Note
    • The private CIDR blocks of the CCN instance are the collections of the IP address ranges of attached SAG instances. Make sure that the specified private CIDR blocks do not conflict with the CIDR block of the VPC to connect.
    • We recommend that you use RFC private CIDR blocks 10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16. By default, the CIDR block 192.168.0.0/16 is used if you leave the option blank.

      By default, the mask is /8 to /24 in length. To use other masks, open a ticket.

    SNAT CIDR Block A CIDR block that belongs to the private CIDR blocks of the CCN instance. The mask is /8 to /30 in length.
    Note You can use the SNAT function to resolve IP address conflicts or hide intranet IP addresses. The SNAT CIDR block is a subset of the private CIDR blocks of the CCN instance. When you configure an SNAT rule, you can use an IP address in the SNAT CIDR block as the public IP address.
  5. Click OK.