Extend your cloud and your options - creating a Virtual Private Network (VPN) connection between Open Telekom Cloud and DSI vCloud
Use the web interface (“service console”) of Open Telekom Cloud and the web portal of DSI vCloud Director to quickly set up a secure Virtual Private Network (VPN) connection through the Internet between Open Telekom Cloud and DSI vCloud in a self-service manner. Connecting both “cloud worlds” brings many advantages and more agility for your IT.
Connecting means that applications and servers are able to communicate securely through this “isolated tunnel”. This enables you to establish disaster recovery concepts at the application level or to make central services, e.g. those located in DSI vCloud, accessible from Open Telekom Cloud as well.
Preparation
Before starting, note the following information, because each VPN needs information from the opposite environment:
DSI vCloud
Remote Gateway: <DSI vCloud Edge Gateway Internet IP chosen for VPN>
How to obtain the Remote Gateway (external network IP on the Edge Gateway – flexible Internet IP): in Edge Gateway Services, choose the VPN tab and click “Configure Public IPs”. Choose an IP of the network vm-vl<xxxx>-dsi-vcd-inet-flex.
After getting the IP, click “Cancel”!
Local Network: <private network(s) of vCloud which should be connected to VPN>
Common
PSK/Shared Key: <alphanumeric string between 32 and 128 characters in length>
Best practice: use 128 characters for strong encryption.
Establish the connection
1. First, create the VPN on Open Telekom Cloud:
Click “Virtual Private Cloud” in the section “Network” on the Open Telekom Cloud console.
Click “VPNs” in the section “My resources”.
Click “+ Create VPN”.
VPC: <Choose name of the VPC on which the VPN should be created>
Name: <Name of VPN>
PSK: <alphanumeric string between 32 and 128 characters in length>
Local Subnets: <mark local OTC subnet(s) which should be connected to VPN>
Remote Gateway: <External network IP on DSI vCloud Edge Gateway – flexible Internet IP>
Remote Subnets: <DSI vCloud local subnet(s) which should be accessible>
After confirming with “Create Now”, the VPN is created.
After creation, the status changes to “Not connected”. Use the refresh button on the right side as well. In the background, all ports necessary for the VPN are opened and the NAT rules for the connection are created automatically.
Also note the Local Gateway of Open Telekom Cloud for use in the DSI vCloud VPN settings!
2. Create the VPN on DSI vCloud:
Double-click the organization virtual datacenter name to open the organization virtual datacenter.
Click the Edge Gateways tab, right-click the edge gateway name and select Edge Gateway Services.
Click the VPN tab.
Click Add.
Name: <Name of VPN>
Description: <description>
Mark: “Enable this VPN configuration”
Establish VPN to: a remote network
Local Networks: Mark all local networks which should be connected to the VPN
Peer Networks: Enter all local networks of Open Telekom Cloud which should be connected
Local Endpoint: Choose the “vm-vl<xxxx>-dsi-vcd-inet-flex” network
Local ID: Enter the local gateway IP of DSI vCloud
Peer ID: Enter the local gateway IP of Open Telekom Cloud
Peer IP: Enter the local gateway IP of Open Telekom Cloud
Encryption protocol: Choose “AES-256”
Shared Key: Enter the Shared Key / PSK
MTU: 1500
Modify the settings as appropriate and click OK. In the next window click OK; the VPN on the Edge Gateway is then configured and started.
After creation, check the VPN status.
After configuring the VPN gateway of vCloud, check the status on the Open Telekom Cloud VPN.
Now you can start connecting your applications, and more, in a secure manner between Open Telekom Cloud and DSI vCloud.
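A pre-flight check for the values entered on both sides above, as an added example that is not part of the original article: it generates a 128-character alphanumeric PSK and verifies that the Open Telekom Cloud and DSI vCloud settings mirror each other. The dictionary keys, the sample addresses (documentation ranges) and the overlap check are assumptions introduced here.

```python
import ipaddress
import secrets
import string

ALPHABET = string.ascii_letters + string.digits  # the page asks for an alphanumeric PSK

def generate_psk(length=128):
    """Random alphanumeric PSK from the OS CSPRNG; the page allows 32-128 characters."""
    if not 32 <= length <= 128:
        raise ValueError("PSK length must be between 32 and 128")
    return "".join(secrets.choice(ALPHABET) for _ in range(length))

def _nets(cidrs):
    return {ipaddress.ip_network(c) for c in cidrs}

def check_tunnel(otc, vcd):
    """Return a list of mismatches between the OTC and vCloud VPN settings."""
    problems = []
    psk = otc["psk"]
    if not (psk.isascii() and psk.isalnum() and 32 <= len(psk) <= 128):
        problems.append("PSK is not 32-128 alphanumeric characters")
    if psk != vcd["shared_key"]:
        problems.append("PSK differs between the two sides")
    if _nets(otc["local_subnets"]) != _nets(vcd["peer_networks"]):
        problems.append("OTC local subnets != vCloud peer networks")
    if _nets(otc["remote_subnets"]) != _nets(vcd["local_networks"]):
        problems.append("OTC remote subnets != vCloud local networks")
    if any(a.overlaps(b) for a in _nets(otc["local_subnets"])
           for b in _nets(otc["remote_subnets"])):  # added check, not from the page
        problems.append("local and remote address ranges overlap")
    if otc["remote_gateway"] != vcd["local_id"]:
        problems.append("OTC remote gateway != vCloud local ID")
    if not otc["local_gateway"] == vcd["peer_id"] == vcd["peer_ip"]:
        problems.append("vCloud peer ID/IP != OTC local gateway")
    return problems

# Constructed sample values (documentation address ranges, not from the page).
PSK = generate_psk()
OTC = {"psk": PSK, "local_gateway": "198.51.100.10", "remote_gateway": "203.0.113.20",
       "local_subnets": ["192.168.1.0/24"], "remote_subnets": ["10.10.0.0/24"]}
VCD = {"shared_key": PSK, "local_id": "203.0.113.20", "peer_id": "198.51.100.10",
       "peer_ip": "198.51.100.10", "local_networks": ["10.10.0.0/24"],
       "peer_networks": ["192.168.1.0/24"]}

if __name__ == "__main__":
    for line in check_tunnel(OTC, VCD) or ["settings are consistent"]:
        print(line)
```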
Summary
Open Telekom Cloud and DSI vCloud both offer a self-service VPN. With the appropriate settings, these VPN endpoints and the networks behind them can be connected.
What’s Next?
Create firewall rules on Open Telekom Cloud and DSI vCloud so that connections between both clouds can be established only through the defined ports. After this, new and already existing servers and applications can use the connection.
Engelbert Eckstein studied communications and data systems technology at the University of Applied Sciences “Georg SIMON OHM” in Nuremberg. Since the late 90s he has been working with mainframes, different Unix derivatives and storage technologies. Since 2004 he has mainly dealt with operations, engineering and architecture of T-Systems cloud environments - first with Appliance Computing (AppCom), then with Dynamic Computing Platform (DCP) and DSI vCloud, and finally at Open Telekom Cloud.