SSL-VPN can be used to connect a client to a virtual private cloud (VPC) so that the client can remotely access applications and resources in the VPC in a secure manner. This topic describes how to use SSL-VPN.
Prerequisites
Before you use SSL-VPN to connect a client to a VPC, make sure that the following requirements are met:
The private CIDR block of the client does not overlap with the private CIDR block of the VPC. Otherwise, the client and the VPC cannot communicate with each other.
The client can access the Internet.
The security group rules that apply to the Elastic Compute Service (ECS) instances in the VPC allow the client to access the ECS instances. For more information, see View security group rules and Add a security group rule.
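The first prerequisite can be verified before any VPN gateway is created. The following Python script is an added example, not part of the original documentation. The function names and the sample CIDR blocks are constructed for illustration. It compares every client-side private CIDR block with every VPC CIDR block and reports how each conflicting pair overlaps.

```python
import ipaddress


def parse_cidr(text):
    """Parse a CIDR string; host bits (e.g. 192.168.1.37/24) are tolerated."""
    return ipaddress.ip_network(text.strip(), strict=False)


def cidr_conflicts(client_cidrs, vpc_cidrs):
    """Return (client_block, vpc_block, relation) for every overlapping pair."""
    conflicts = []
    for c_text in client_cidrs:
        c = parse_cidr(c_text)
        for v_text in vpc_cidrs:
            v = parse_cidr(v_text)
            if c.version != v.version:
                continue  # an IPv4 block and an IPv6 block never overlap
            if not c.overlaps(v):
                continue
            # Two CIDR blocks that overlap are either equal or nested.
            if c == v:
                relation = "identical"
            elif c.subnet_of(v):
                relation = "client block inside VPC block"
            else:
                relation = "VPC block inside client block"
            conflicts.append((str(c), str(v), relation))
    return conflicts


if __name__ == "__main__":
    # Constructed sample values, not taken from a real deployment.
    client_side = ["192.168.1.37/24", "10.0.0.0/8"]
    vpc_side = ["192.168.0.0/16", "10.10.0.0/16", "172.16.0.0/12"]
    found = cidr_conflicts(client_side, vpc_side)
    for client_block, vpc_block, relation in found:
        print(f"CONFLICT: {client_block} vs {vpc_block} ({relation})")
    if not found:
        print("No overlap: the client and the VPC can be connected.")
```
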
Procedure
Step | Description
1 | When you create a VPN gateway, you must enable the SSL-VPN feature for the VPN gateway.
2 | On the SSL server, specify the private CIDR block that the client needs to access and the CIDR block that is used by the client.
3 | Create and download an SSL client certificate based on the SSL server that you create.
4 | Download and install VPN software on the client, load the SSL client certificate, and establish an SSL-VPN connection.
5 | Test the network connectivity. Open the CLI on the client, and run the ping command to access an application or a service in the VPC.
Common scenarios
For more information about common scenarios, see Connect a client to a VPC.