This topic describes how to use the SSL-VPN function to connect a remote client to a VPC.
Prerequisites
The following conditions must be met before you deploy a VPN Gateway:
- The client and the VPC are not using the same private CIDR block.
- The client is able to access the Internet.
Procedure
The following figure illustrates the work flow of how to connect a client to a VPC by using the SSL-VPN function.
- Create a VPN Gateway
Create a VPN Gateway and enable the SSL-VPN function.
- Create an SSL server
Specify the IP address range of the SSL server and the IP address range used by the client.
- Create a client certificate
Create the client certificate according to server configurations, and then download the client certificate and configurations.
- Configure the client
Download and install client VPN software in the client, load the client certificate and configurations, and initiate the connection.
- Configure security groups
Make sure that the security group rules of ECS instances in the VPC allow remote access.