
VPN Connections

With Virtual Private Network (VPN) as a service, self-service users can extend virtual networks across public networks, such as the Internet. To connect two or more remote endpoints, VPNs use virtual connections tunneled through physical networks. To secure VPN communication, the traffic that flows between remote endpoints is encrypted. The VPN implementation uses the Internet Key Exchange (IKE) and IP Security (IPsec) protocols to establish secure VPN connections.

To better understand how a VPN works, consider the following example:

  • There are two clusters, Cluster1 and Cluster2, each with one virtual machine and one virtual network.

  • In Cluster1, the virtual machine VM1 is connected to the virtual network privnet1 (192.168.10.0/24) via the network interface with IP address 192.168.10.10. The network privnet1 is exposed to public networks via the router router1 with the external port 10.10.10.5.

  • In Cluster2, the virtual machine VM2 is connected to the virtual network privnet2 (192.168.20.0/24) via the network interface with IP address 192.168.20.20. The network privnet2 is exposed to public networks via the router router2 with the IP address 10.10.10.4.

  • The VPN tunnel is created between the routers router1 and router2 that serve as VPN gateways, thus allowing mutual connectivity between the networks privnet1 and privnet2.

  • The virtual machines VM1 and VM2 are visible to each other at their private IP addresses. That is, VM1 can access VM2 at 192.168.20.20, and VM2 can access VM1 at 192.168.10.10.
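
The following sketch is an added example, not part of the product or its documentation. It models the topology above and checks the preconditions a site-to-site tunnel depends on: non-overlapping private subnets, distinct gateway addresses, and gateways that sit outside both private ranges. The `Site` class, the function names, and the simplified rule that traffic is tunnelled only when source and destination fall in the two private subnets are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Site:
    name: str
    subnet: ipaddress.IPv4Network    # private network behind the gateway
    gateway: ipaddress.IPv4Address   # router's external address

def site(name, cidr, gw):
    return Site(name, ipaddress.ip_network(cidr), ipaddress.ip_address(gw))

# Values taken from the example topology on this page.
SITE1 = site("privnet1", "192.168.10.0/24", "10.10.10.5")
SITE2 = site("privnet2", "192.168.20.0/24", "10.10.10.4")

def validate_pair(a, b):
    """Return a list of problems that would break the tunnel's routing."""
    problems = []
    if a.subnet.overlaps(b.subnet):
        problems.append(f"{a.name} and {b.name} overlap: routing is ambiguous")
    if a.gateway == b.gateway:
        problems.append("both gateways share one external address")
    for s in (a, b):
        for other in (a, b):
            if s.gateway in other.subnet:
                problems.append(f"gateway of {s.name} lies inside {other.name}")
    return problems

def route(src, dst, a=SITE1, b=SITE2):
    """Classify a packet as 'local', 'tunnel <gw> -> <gw>' or 'outside'."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for local, peer in ((a, b), (b, a)):
        if src in local.subnet:
            if dst in local.subnet:
                return "local"  # stays inside one private network
            if dst in peer.subnet:
                # Encapsulated by the local gateway, sent to the peer gateway.
                return f"tunnel {local.gateway} -> {peer.gateway}"
    return "outside"  # matches neither subnet pair, so this tunnel does not carry it

if __name__ == "__main__":
    print(validate_pair(SITE1, SITE2))
    print(route("192.168.10.10", "192.168.20.20"))
```

Overlapping private ranges are the most common reason a tunnel of this kind comes up but passes no traffic, so the overlap check is worth running before the VPN connection is created.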