Connecting to your on-premises network
You can use IBM Cloud VPN for VPC to securely connect your VPC to an on-premises network through a VPN tunnel. This topic provides guidance about how to configure your VPN gateway to connect to your on-premises network.
Create a VPN gateway in your VPC and create a VPN connection between the VPC and the peer gateway of the on-prem network by specifying the following information.
- Connection name - Enter a name for the connection, such as
onprem-connection
. - Peer gateway address - Specify the IP address of the VPN gateway for the on-prem network.
- Preshared key - Specify the authentication key of the VPN gateway for the on-prem network.
- Local subnets (Policy-based VPN only) - Specify one or more subnets in the VPC you want to connect through the VPN tunnel.
- Peer subnets (Policy-based VPN only) - Specify one or more subnets in the on-prem network you want to connect through the VPN tunnel.
For the Internet Key Exchange (IKE) and IPsec security parameters, select Auto so the cloud gateway uses auto-negotiation to automatically establish the connection with the on-premises gateway.
The gateway status appears as Pending while the VPN gateway is being created, and the status changes to Available after it is created.
Configuring the on-premises VPN gateway
The next step is configuring your on-premises VPN gateway peer to connect to your IBM Cloud VPN for VPC. The configuration depends on the type of VPN gateway. See the following topics for details.
- Connecting to an AWS peer
- Connecting to a Check Point Security Gateway peer
- Connecting to a Cisco ASAv peer
- Connecting to a FortiGate peer
- Connecting to a Juniper vSRX peer
- Connecting to a strongSwan peer
- Connecting to a Vyatta peer
These configurations are fully tested and supported by IBM. If you plan to use an on-premises VPN gateway peer other than those listed, IBM Support can assist in troubleshooting your configuration, but cannot guarantee a resolution.
Checking the status of the secure connection
You can check the status of your connection in the IBM Cloud console. On the VPN for VPC page, select your VPN gateway and click Connections from the navigation pane on the left of the page.
You can also test the connection by doing a ping from a virtual server instance in your VPC to a server in the on-premises network.