This topic describes how to use ClassicLink to connect a classic network to a Cloud Storage Gateway (CSG) instance.

Background information

CSG is a storage service that helps you seamlessly integrate on-premises applications, infrastructure, and data storage with Alibaba Cloud. You can deploy virtual devices complied with standard storage protocols in your on-premises data centers or on Alibaba Cloud. This allows you to seamlessly connect on-premises storage applications and workloads to Alibaba Cloud storage and computing services.

CSG automatically deploys gateways, allocates resources, and connects to Elastic Compute Service (ECS) instances deployed in VPC networks. In the public offering of Alibaba Cloud, a large number of ECS instances are deployed in classic networks. These ECS instances cannot automatically connect to CSG. You can use ClassicLink to connect a classic network to CSG. ClassicLink enables ECS instances in a classic network to communicate with cloud resources in a VPC network.

Configure VPC networks and CSG instances

  1. Configure the VPC network.
    1. Log on to the Create an IPv4 VPC.
    2. Create a VPC network. For more information, see Create an IPv4 VPC.

      We recommend that you create a VPC network that uses the 172.16.0.0/12 CIDR block to facilitate the configuration. If you have already created a VPC network, skip this step.

    3. Find and click the target VPC network, and then click Enable ClassicLink in the upper-right corner.
  2. Create a CSG instance.
    1. Log on to the Cloud Storage Gateway console.
    2. Create a CSG instance.

      When you create a CSG instance, select the VPC network created in Step 1.

      • For more information about how to create file gateways deployed on Alibaba Cloud, see Create a file gateway.
      • For more information about how to create block gateways deployed on Alibaba Cloud, see Create a block gateway.

Configure the ECS instance deployed in a classic network

  1. Log on to the ECS console.
  2. Select the region where the ECS instance is deployed.
  3. On the Instances page, find the ECS that needs to connect to CSG and choose More > Network and Security Group > Set classic link.
  4. In the dialog box that appears, select the target VPC network, click OK, and then click Go to the instance security group list and add ClassicLink rules.
  5. Click Add ClassicLink Rule, set the following parameters, and then click OK.
    Parameter Description
    Classic Security Group The name of the classic network security group.
    Select VPC Security Group Select the VPC security group where the CSG instance belongs.
    Mode Select an authorization mode.
    • Classic <=> VPC (recommended): This mode allows resources in classic and VPC networks to access each other.
    • Classic => VPC: This mode only allows resources in classic networks to access resources in VPC networks.
    • Classic <= VPC: This mode only allows resources in VPC networks to access resources in classic networks.
    Protocol Type Select a communication protocol, such as customized TCP.
    Port Range Specify the port range in the format of xx/xx. For example, if you want to authorize port 80, enter 80/80.
    Different protocols use different ports. Specify the ports based on your actual business needs.
    • HTTPS: 443.
    • NFS: 111 (TCP and UDP), 875 (TCP and UDP), 892 (TCP and UDP), 2049 (TCP and UDP), 32888 (TCP and UDP), and 32889 (TCP and UDP).
    • SMB: 137 (UDP), 138 (UDP), 139 (TCP), 389 (TCP), 445 (TCP and UDP), and 901 (TCP).
    • iSCSI: 860 (TCP) and 3260 (TCP).
    Priority Set the priority of the rule. The smaller the value, the higher the priority. For example, you can set the priority to 1.
    Description Enter the description of the security group.
  6. Navigate to the Instances page to verify the connection status.

    If the Connection Status is Connected, it indicates that the ECS instance in the classic network is connected to the VPC network.

Access the CSG instance