
User Guide - Site-to-Site Private Connectivity

Overview

Abstract

Follow the steps in this guide to learn how to create a full-mesh private network between two private networks and enable remote access to those networks, ensuring full site-to-site private connectivity.

Owen has completed the signup process as shown here. During the signup process, Owen selects technop.openvpn.cloud as the web domain for the user portal. This domain uniquely identifies the WPC that Owen will set up, and Connect Client applications use it to identify the WPC that they need to connect to.

This guide provides a high-level example of creating a full-mesh, site-to-site network across two private networks that are represented by AWS VPCs in separate AWS regions. In this example, the networks hosting private servers and resources are based in Northern California and in Oregon.

Illustration of WPC

site_to_site.png

North California Network

The North California network uses the 172.31.0.0/16 subnet. Owen needs to configure this as the Network subnet that needs to be available from CloudConnexa.

62eacb52bc05c.png

Configure Networks

Owen configures both networks using the Admin portal as shown below. See Adding A Network.

62eacb54c9f9f.png

Install Connector in North California Network

Owen installs a Connector on one of the instances in the network and uses the respective Connector profile to get the instance connected to CloudConnexa. See Installing Network Connector – Linux.

62eacb56750cf.png

Add routes in North California Network

Prior to adding routes, Owen disables ‘Source/Destination’ Check on the Network interface of the instance running the Connector.

He enables forwarding in the Linux kernel of the instance running the Connector.

From the command line he enters:

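    # Uncomment the forwarding setting so that it persists across reboots
    sed -i 's/#net.ipv4.ip_forward=1/net.ipv4.ip_forward=1/g' /etc/sysctl.conf
    # Load the settings from /etc/sysctl.conf into the running kernel
    sysctl -p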

Next, he adds routes, in the route table associated with the VPC, for the Oregon Network and the CloudConnexa WPC subnets using the instance running the Connector as the next-hop Target.

62eacb5836a6f.png

Install Connector in Oregon Network

Owen installs a Connector on one of the instances in the Network and uses the respective Connector Profile to get the instance connected to CloudConnexa. See Installing Network Connector – Linux.

62eacb56750cf.png

Add Routes in Oregon Network

Prior to adding routes, Owen disables Source/Destination Check on the Network interface of the instance running the Connector.

He enables forwarding in the Linux kernel of the instance running the Connector.

From the command line he enters:

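    # Uncomment the forwarding setting so that it persists across reboots
    sed -i 's/#net.ipv4.ip_forward=1/net.ipv4.ip_forward=1/g' /etc/sysctl.conf
    # Load the settings from /etc/sysctl.conf into the running kernel
    sysctl -p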

Next, he adds routes, in the route table associated with the VPC, for the North California Network and the CloudConnexa WPC subnets using the instance running the Connector as the next-hop Target.

62eacb5836a6f.png
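The sed command used on both Connector instances only changes a line that reads exactly `#net.ipv4.ip_forward=1`; if /etc/sysctl.conf holds the setting in another form, or not at all, sed exits successfully without enabling anything. The script below is an added example, not part of the original guide or of CloudConnexa's tooling, that sets the value whatever its current form and then checks what the kernel reports; the function names and the `--apply` switch are hypothetical.

```shell
#!/usr/bin/env bash
# Added example; function names and the --apply switch are assumptions.

# Matches the key in any form: active, commented out, with or without spaces.
KEY_RE='^[[:space:]]*#?[[:space:]]*net\.ipv4\.ip_forward[[:space:]]*='

# ensure_ip_forward FILE
# Leave FILE with exactly one active "net.ipv4.ip_forward=1" line, whether the
# key was commented out, written with spaces, set to 0, or missing entirely.
ensure_ip_forward() {
    local conf="$1" tmp rc=0
    [ -f "$conf" ] || return 1
    tmp="$(mktemp)" || return 1
    # Copy everything except existing forms of the key. grep exits 1 when
    # no other lines remain, which is not an error here.
    grep -Ev "$KEY_RE" "$conf" > "$tmp" || rc=$?
    if [ "$rc" -gt 1 ]; then rm -f "$tmp"; return 1; fi
    echo 'net.ipv4.ip_forward=1' >> "$tmp"
    # Write through cat so the original file keeps its owner and mode.
    cat "$tmp" > "$conf"
    rm -f "$tmp"
}

# configured_value FILE
# Print the value the file would apply (the last active assignment wins).
# Prints nothing when the key is absent or only present as a comment.
configured_value() {
    sed -nE 's/^[[:space:]]*net\.ipv4\.ip_forward[[:space:]]*=[[:space:]]*([01])[[:space:]]*$/\1/p' "$1" | tail -n 1
}

# runtime_value [PROC_FILE]
# Print what the running kernel reports; 1 means the instance forwards packets.
runtime_value() {
    cat "${1:-/proc/sys/net/ipv4/ip_forward}"
}

# Touch the real system only when asked to (needs root).
if [ "${1:-}" = "--apply" ]; then
    ensure_ip_forward /etc/sysctl.conf && sysctl -p >/dev/null
    [ "$(runtime_value)" = "1" ] || { echo "ip_forward is still off" >&2; exit 1; }
    echo "ip_forward enabled and persisted"
fi
```

Run it with `--apply` as root on each Connector instance; without the switch it only defines the functions.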

Test Connectivity

Now, Owen can connect his laptop to CloudConnexa using the Connect Client (see importing Profile section, User Guide – Configuring a VPN for Secure Access to Internet), and reach any instance in both of the private Networks. As shown below, instances in private Networks can also reach each other.

62eacb5aa91e9.png