Demo Site-to-Site VPN

VPN Site-To-Site is a private connection to communicate between two or more private network through a secure connection and safety.

Below is a demonstration of how to connect two LAN networks via the internet secured by a VPN connection (two VPN at 2 site)

Site A: VPC 10.1.0.0/16 with VPN server using PFsense of VNG Cloud Market Place.
Site B: VPC 10.200.0.0/16 with VPN server using VNG Cloud VPN Site-To-Site Service

1. Create Remote Site VPN (using pfsens)

- Access https://<FixedIp>/firewall_rules.php to config firewall rule for LAN

- Access https://<FixedIp>/firewall_rules.php to config firewall rule

Access IPSec Dashboard https://<FixedIp>/vpn_ipsec.php. Figure 3 IPSec Dashboard
Click “Add P1” to config Phase 1
Fill your information
- Key Exchange version: IKEv2
- Protocol IPv4
- Interface WAN
- Remote gateway: Input <FixedIp>
- Pre-shared Key: Input your random preshare (anything you want) -> this key will use to input on VNG’s VPN (Important!)
- Encryption Algorithm
Method AES256 CGM, Key length 128, Hash 256, DH Group 3072 (Important!)
- Life Time: 4 hours = 144000 (Important!)
Save

Access VPN Detail and copy Local Private Gateway
Access vServer Router Tables to config routing for VPN
- Destination: Remote Private CIDR (10.1.0.0)
- Target: Local Private Gateway (10.200.3.3)

Last updated 14 hours ago