Select Virtual Edge as Access Point

The following configurations are applicable to virtual edge connection. If you want to connect to your office and have a customer premise equipment (CPE), you can choose virtual edge connection.

Prerequisites

You need to have at least one customer premise equipment (CPE).

Procedures

Virtual Edge connection is a cost-effective solution to connect your office far away. The Internet Protocol Security (IPsec) access is supported for now.

  1. Select the IPsec access method and decide whether to enable high availability (HA) according to your actual needs. High availability (HA) supports both primary and backup access points' configuration to perform a failover, which is is critical to disaster recovery (DR).

    • The static routing is not supported in HA. IPsec connection in HA only support BGP routing.

    • You need to configure both primary and backup informations, including locations, IPs, if you have enabled HA.

  2. Select the location closest to your CPE. If you enable HA, select both primary and backup locations.

  3. Label your IPsec connection for identification.

IPsec Tunnel Configuration

After adding the virtual edge point, go to Configuration to configure the IPsec tunnel.

An IPsec tunnel is just like a virtual "tunnel" through a public network between two dedicated routers, enabling safe and secure transmission of data.

Select a mode and enter a pre-shared key (PSK) for negotiation. If you select Customer IP Address mode, provide your public remote IP address of your CPE.

FQDN

A fully qualified domain name (FQDN) is the unique identification of the remote endpoint with which IPsec tunnel negotiations should be allowed.

Customer IP Address

A public IP address of the remote endpoint with which IPsec tunnel negotiations should be allowed.

Note

  • You're recommended to use FQDN mode because you can have a more dynamic public IP planing.

  • If you choose Customer IP Address mode, please ensure the public IP cannot change.

  • If you enable HA, both primary and backup PSKs are required.

What to Do Next

Configure routing and bandwidth to finish the virtual edge point adding.

After creating the cloud router, click the label of IPsec point to view the detailed information. Configure the IPsec and routing information on your CPE.

Note

  • You'd better choose the Recommended configuration.

  • IKEv1 Main is only used for Remote IP negotiation.

Last updated