Available in Classic and VPC
You can easily create and operate VPN Gateways and tunnels in NAVER Cloud Platform's IPsec VPN. You can learn how to use IPsec VPN in Getting Started with IPsec VPN and Using IPsec VPN, but we recommend that you first review IPsec VPN use scenarios. By reading through the use scenarios first and then learning the instructions, you will be able to use IPsec VPN more efficiently. The overall sequence of using IPsec VPN and description of each sequence are as follows:
1. Set usage permissions
2. Preparations
3. Create IPsec VPN Gateway
4. Create IPsec VPN Tunnel
5. Follow-ups
6. Set user network VPN
7. Ping test
8. Check connection
1. Set usage permissions
Set the usage permissions for using IPsec VPN. IPsec VPN usage permissions are defined by mapping roles to sub accounts issued by NAVER Cloud Platform's Sub Account. Thus, you need to first create sub accounts other than your main account through Sub Account.
Sub Account is a service provided free of charge upon subscription. For an introduction on Sub Account and details about its pricing plans, see Services > Management & Governance > Sub Account on the NAVER Cloud Platform portal.
You can use sub accounts provided by Sub Account to configure admin permissions and user permissions of IPsec VPN. You can see the following user guides:
2. Preparations
To use IPsec VPN, the following environment is required for each platform:
| Platform | Requirements |
|---|---|
| VPC | |
| Classic |
Set the required environment first according to the platform you are using. You can see the following user guides:
3. Create IPsec VPN Gateway
Create a VPN gateway from the NAVER Cloud Platform console. You can see the following user guides:
- VPC
- Classic
4. Create IPsec VPN Tunnel
Create a VPN tunnel to connect to the gateway you created. You can see the following user guides:
- VPC
- Classic
5. Follow-ups
After creating the VPN tunnel, the following steps are required for each platform:
| Platform | Follow-ups |
|---|---|
| VPC | |
| Classic |
Depending on the platform you are using, conduct necessary tasks. You can see the following user guides:
- To configure routing on a remotely accessed server, follow these steps:
[root@hostname]# cp /etc/sysconfig/network-scripts/ifcfg-eth0 /etc/sysconfig/network-scripts/ifcfg-eth1 [root@hostname]# cat /etc/sysconfig/network-scripts/ifcfg-eth1 # Edit eth1 network file DEVICE=eth1 BOOTPROTO=STATIC IPADDR=192.168.10.12 NETMASK=255.255.255.0 ONBOOT=yes [root@hostname]# /etc/init.d/network restart # Restart network [root@hostname]# route add –net <Peer private IP range> gw <Local network gateway public IP> eth1 - After configuring routing, you can check the Route Table by entering route – n command.
6. Set user network VPN
Check your network configuration and create VPN gateways and tunnels.
- Check network configuration
- It must not overlap with NAVER Cloud Platform's Private Subnet range.
- Customer networks in use overlapping with 100.64.0.0/10 cannot be connected with IPsec VPN and Cloud Connect.
- Check VPN Gateway
- The public IP of the customer's VPN Gateway must be the same as the Peer IP entered when setting up the NAVER Cloud Platform's IPsec VPN Tunnel.
- Create VPN Tunnel
- The local network becomes the customer network, and the remote network becomes NAVER Cloud Platform's Private Subnet.
- Peer IP becomes the public IP of NAVER Cloud Platform's IPsec VPN Gateway.
- The set values for IKE should be the same as those of NAVER Cloud Platform's IPsec VPN Tunnel.
- Set host
- Set the routing for NAVER Cloud Platform's Private Subnet.
The specific setting method differs depending on the manufacturer of the VPN Gateway device in use. You can see the following user guides:
7. Ping test
Sends a ping or ssh command from the NAVER Cloud Platform server to a host in the customer's network to test whether they are connected to each other.
8. Check connection
Access the console and verify that the IPsec VPN Tunnel is displayed as Active. You can see the following user guides:
- VPC
- Classic