The VPN Service is associated with a router. After the user creates the service, it can contain multiple VPN connections.
All VPN services are listed under Networking > VPN Services (Figure 1). The VPN services can be expanded for details by clicking , to the right of each item, like shown in the image below (Figure 2).
Figure 1. VPN Services list
Figure 2. VPN Service options
A new VPN service can be created on the right corner of the page, in Create New VPN (Figure 3).
Figure 3. Create New VPN - button
When creating a VPN service, there are two different ways for the user to perform it (Figure 4).
- Manually creating a VPN Service
- Quick Connect, setup VPN automatically between two (2) City Cloud Datacenters.
Figure 4. Create a New VPN Service - options
When manually creating a VPN service, the user need to, previously, have configured:
Creating a VPN Service - Manually
The name for the VPN Service should be provided along with the region (datacenter) and the network (Figure 5). After the service is created, it will stay in PENDING_CREATE (Figure 6) status until all connections are configured. By clicking, the user will be able to add connections to the VPN service, view more details, or delete the VPN service (Figure 7).
Figure 5. Create VPN Service
Figure 6. VPN Service - PENDING_CREATE
Figure 7. VPN Service options
The option to Add new connection will open a section where the user can create a sit-to-site IPsec Site Connection for the VPN Service (Figure 8).
- Name: Set friendly name for the connection
- IPsec Policy: IPsec policy associated with this connection
- IKE Policy: IKE policy associated with this connection
- Peer Endpoint Group: Peer endpoint group with CIDR(s) for IPSec connection
- Peer gateway IP: Peer router identity for authentication. Can be IPv4/IPv6 address or FQDN
- Pre-Shared Key (PSK): Pre-shared key string
Advanced Options (Figure 9)
- Initiator State: Bi-Directional/Response only
- Maximum transmission unit size: MTU size for the connection
- DPD action: Ipsec connection Dead Peer Detection; Clear, Hold, Restart, Disable
- DPD interval: Non negative integer. Interval should be less than ‘timeout
- DPD timeout: Non negative integer
Figure 8. Create IPsec Site Connection
Figure 9. Create IPsec Site Connection - Advanced Options