Comment on page
Select Virtual Edge as Access Point
The following configurations are applicable to virtual edge connection. If you want to connect to your office and have a customer premise equipment (CPE), you can choose virtual edge connection.
You need to have at least one customer premise equipment (CPE).
IPsec Connection in HA
- 1.Select the IPsec access method and decide whether to enable high availability (HA) according to your actual needs. High availability (HA) supports both primary and backup access points' configuration to perform a failover, which is is critical to disaster recovery (DR).Note
- The static routing is not supported in HA. IPsec connection in HA only support BGP routing.
- You need to configure both primary and backup informations, including locations, IPs, if you have enabled HA.
- 2.Select the location closest to your CPE. If you enable HA, select both primary and backup locations.
- 3.Label your IPsec connection for identification.
After adding the virtual edge point, go to Configuration to configure the IPsec tunnel.
An IPsec tunnel is just like a virtual "tunnel" through a public network between two dedicated routers, enabling safe and secure transmission of data.
Configure IPsec Tunnel
Select a mode and enter a pre-shared key (PSK) for negotiation. If you select Remote IP Address mode, provide your public remote IP address of your CPE.
A fully qualified domain name (FQDN) is the unique identification of the remote endpoint with which IPsec tunnel negotiations should be allowed.
A public IP address of the remote endpoint with which IPsec tunnel negotiations should be allowed.
- You're recommended to use FQDN mode because you can have a more dynamic public IP planing.
- If you choose Remote IP Address mode, please ensure the public IP cannot change.
- If you enable HA, both primary and backup PSKs are required.
After creating the cloud router, click the label of IPsec point to view the detailed information. Configure the IPsec and routing information on your CPE.
Detailed Information of IPsec Point
- You'd better choose the Recommended configuration.
- IKEv1 Main is only used for Remote IP negotiation.
Last modified 8mo ago