IBM Cloud Docs

Adding a connection in the UI

To add a connection to a transit gateway, follow these steps:

Open the IBM Cloud console and log in to your account.
Select the Navigation Menu icon from the upper left, then click Interconnectivity > Transit Gateway.
Click the name of the transit gateway where you want to add a connection.

If you are in the expanded view, click View full details.
In the Connections view, click Add connection.
Choose and configure the specific network connections that you want to add to your transit gateway. Choices include:
- VPC - Allows you to connect to your account's VPC resources, or VPC resources from other accounts as well.
- Classic infrastructure - Allows you to connect to IBM Cloud classic resources.
- Redundant GRE allows unbound GRE tunnels to connect to endpoints in either VPC or classic infrastructure networks, thus allowing you to build in redundancy for GRE tunnels. For more information, see Creating a redundant GRE tunnel.
- Direct Link - Creates a network connection to and from Direct Link gateways so that there is a secure connection to on-premises networks and other resources that are connected to the transit gateway.
  
  If you select Direct Link, you must also log in to the Direct Link console (that uses the same IBM Cloud account) and specify Transit Gateway as the type of network connection for your direct link.
- Power Virtual Server - Creates a network connection to and from a Power Virtual Server instance so that there is a secure connection to networks and other resources connected to the transit gateway.
  
  Location: Select a region for the Power Virtual Server workspace.
  
  If you select Power Virtual Server, you must have a Power Virtual Server workspace created in a PER-enabled data center.For a list of PER-enabled data centers, see Getting started with the Power Edge Router.
  
  To find out if your Power Virtual Server workspace is set up correctly, go to the workspace and check the navigation for a Cloud connections page. If there isn't a Cloud connections page, the workspace leverages the Power Edge Router and can be added as a connection to Transit Gateway. Otherwise, you must configure virtual connections with Cloud connections on the Power Virtual Server.
- Unbound GRE tunnel - Allows a transit gateway to connect to overlay networks hosted on classic infrastructure resources. For prerequisites and detailed instructions, see Creating an unbound GRE tunnel.
Click Add to create a connection.

Adding a connection from the CLI

Before you begin

Complete these prerequisites to use the Transit Gateway CLI, which is implemented as an IBM Cloud CLI plug-in.

Install the IBM Cloud CLI.
Install the tg-cli/tg CLI plug-in to the IBM Cloud CLI.

To install:
```
ibmcloud plugin install tg
```

If you are going to use the CLI with a Virtual Private Endpoint (VPE), you must set the following variable:

export IBMCLOUD_TG_API_ENDPOINT=private.transit.cloud.ibm.com

To add a connection on the transit gateway from the CLI, enter the following command:

ibmcloud tg connection-create|cc GATEWAY_ID --name NAME --network-type [vpc | directlink | classic] --network-id NETWORK_ID --network-account-id NETWORK-ACCOUNT-ID [--output json] [-h, --help]

Where:

GATEWAY_ID: ID of the gateway that the new connection will be on.
--name: Name for the new connection.
--network-type: Network type of the connection. Values are vpc, directlink, or classic.
--network-id: ID of the network connection. For classic, do not set a value. For vpc and directlink, use the CRN. To find the CRN of a VPC:
```
ibmcloud is vpc VPC_ID --json
```
--network-account-id: ID of the IBM Cloud account to use for creating a classic connection. Only used with 'classic' type, when the account of the connection is different than the gateway's account.
--output JSON: Optional: Specify if you want the output to display in JSON format.
--help | -h: Optional: Get help on this command.

Examples

This example illustrates creating a VPC connection named vpc-connection using vpcCRN="crn:v1:bluemix:public:is:us-south:a/3aa0a9999a1a46258064d84f7f447920::vpc:r134-f87014d5-87d2-46d1-9999-24683082f6bc":

ibmcloud tg cc $gateway --name vpc-connection --network-id $vpcCRN --network-type vpc

Create Classic connection named classic-conn.

ibmcloud tg cc $gateway --name classic-conn --network-type classic

Adding a connection with the API

To add a connection with the API, follow these steps:

Set up your API environment.
Store any additional variables to be used in the API commands.

Add a connection to the transit gateway. For example:

curl -X POST --location --header "Authorization: Bearer {iam_token}" \
  --header "Accept: application/json" \
  --header "Content-Type: application/json" \
  --data '{ "network_type": "vpc" }'
  "
{base_url}/transit_gateways/{transit_gateway_id}/connections?version={version}"

For more information, see Adds a connection to a Transit Gateway in the Transit Gateway API reference.

Adding a connection by using Terraform

Review the following argument references that you can specify for your resource when you create a connection for a transit gateway using Terraform:

Terraform argument references for creating a connection
Argument	Details
base_connection_id Optional Forces new resource string	The ID of a network_type 'classic' connection a tunnel is configured over. This field only applies to network type `gre_tunnel` connections.
base_network_type Optional Forces new resource string	The base network type. Allowed values are `classic`. This field only applies to `unbound_gre_tunnel` type connections.
gateway Required Forces new resource string	Enter the transit gateway identifier.
local_gateway_ip Optional Forces new resource string	The local gateway IP address. This field is required for, and only applicable to, `gre_tunnel` and `unbound_gre_tunnel` type connections.
local_tunnel_ip Optional Forces new resource string	The local tunnel IP address. This field is required for, and only applicable to, `gre_tunnel` and `unbound_gre_tunnel` type connections.
name Optional string	The connection name. If the name is not given, a default name is provided based on the network type, such as `vpc` for network type VPC and `classic` for network type classic.
network_account_id Optional Forces new resource string	The ID of the network connected account. This is used if the network is in a different account than the gateway.
network_type Required Forces new resource string	The network type. Allowed values are `classic`, `directlink`, `gre_tunnel`, `unbound_gre_tunnel`, and `vpc`.
network_id Optional Forces new resource string	The ID of the network that is being connected to through this connection. This parameter is required for network type `vpc` and `directlink`, the CRN of the VPC or direct link gateway to be connected. This field is required to be unspecified for network type `classic`. Example:`crn:v1:bluemix:public:is:us-south:a/123456::vpc:4727d842-f94f-4a2d-824a-9bc9b02c523b`
remote_bgp_asn Optional Forces new resource integer	The remote network BGP ASN (will be generated for the connection if not specified). This field only applies to `gre_tunnel` and `unbound_gre_tunnel` type connections.
remote_gateway_ip Optional Forces new resource string	The remote gateway IP address. This field only applies to `gre_tunnel` and `unbound_gre_tunnel` type connections.
remote_tunnel_ip Optional Forces new resource string	The remote tunnel IP address. This field only applies to `gre_tunnel` and `unbound_gre_tunnel` type connections.
zone Optional Forces new resource string	The location of the GRE tunnel. This field only applies to `gre_tunnel` and `unbound_gre_tunnel` type connections.

Example

This example illustrates creating a transit gateway connection that uses Terraform:

resource "ibm_tg_connection" "test_ibm_tg_connection" {
  gateway      = ibm_tg_gateway.test_tg_gateway.id
  network_type = "vpc"
  name         = "myconnection"
  network_id   = ibm_is_vpc.test_tg_vpc.resource_crn
}