Connect Alibaba Cloud to AWS via VPN Gateway

By Evan Wong, Solutions Architect

Multi-cloud is one of the most sought-after architecture designs: it combines the technology capabilities of multiple providers and avoids vendor lock-in. There are a few options for connecting Alibaba Cloud to other cloud providers. One method is to connect through a VPN gateway over the public internet. This lab is a step-by-step guide to setting up VPN Gateway on both Alibaba Cloud and Amazon Web Services.

The following lab walks step by step through setting up VPN Gateway to establish the connection to AWS.

Prerequisites

Before going through the step-by-step guide, you should have:

  1. A decent computer or laptop
  2. A web browser; Google Chrome is recommended
  3. An internet connection; 5 Mbps is suggested
  4. An Alibaba Cloud account

Step 1: Create VPN Gateway on Alibaba Cloud

Choose the region, VPC, peak bandwidth and billing method.

After the purchase, you should be able to see the new VPN Gateway on the console.

Give it a name:

Create Customer Gateway

Next, create a customer gateway. Click Create Customer Gateway, then enter the name and IP address.

After it has been created, it should appear on the console. Next, navigate to the VPN connection page.

Create VPN Connection

Provide the VPN connection name, choose the correct VPN Gateway and Customer Gateway, specify the local and remote networks, and enter the pre-shared key.

Check the connection status. The status should state “Phase 2 of IKE Tunnel Negotiation Succeeded”.

Add Route Entry

After the VPN Gateway has been established successfully, the next step is to add a route entry to the VPC so that the ECS instances can communicate with the EC2 instances in AWS.

Navigate to the VPC -> VRouters page and click Add Route Entry.

Enter the CIDR block from AWS, choose VPN Gateway as the Next Hop Type, and select the VPN Gateway that was created a moment ago.

Check the VRouter information page again; the new route entry should appear in the list.

Step 2: Create VPN Gateway on Amazon Web Services

Navigate to Virtual Private Cloud, and click Create Virtual Private Gateway.

Key in a name and click Create Virtual Private Gateway.

After it completes, attach a VPC.

Create Customer Gateway on Amazon Web Services

Navigate to Customer Gateway and create a new Customer Gateway.

Enter a name for the customer gateway and enter the IP address of the Alibaba Cloud VPN Gateway.

Create VPN Connection on Amazon Web Services

Choose the correct VPN Gateway and the existing Customer Gateway that was created earlier. Select the static routing option and enter a static IP prefix, which is the subnet of the VPC.

Add a Route Table on Amazon Web Services

Before you allow access to the AWS EC2 instances, the route table needs to be added so that Alibaba Cloud can connect to AWS.

Step 3: Test Connectivity

Make sure that a similar route entry has been added on the AWS side as well. Next, create ECS and EC2 instances, or use existing instances, to do a ping test.
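
When the ping test fails, the usual causes are mismatched values between the two consoles. The following pre-flight check is an added example, not part of the original lab: `check_vpn_plan`, its dictionary keys and `min_psk_len` are hypothetical names, and every address and key in it is constructed.

```python
import ipaddress

def check_vpn_plan(ali, aws, min_psk_len=16):
    """Return a list of problems in a two-sided, statically routed VPN plan."""
    problems = []
    ali_vpc = ipaddress.ip_network(ali["vpc_cidr"])
    aws_vpc = ipaddress.ip_network(aws["vpc_cidr"])
    # Overlapping address space cannot be routed across the tunnel.
    if ali_vpc.overlaps(aws_vpc):
        problems.append("VPC CIDR blocks overlap")
    # VPN connection on Alibaba Cloud: local is its own side, remote is AWS.
    if not ipaddress.ip_network(ali["local_network"]).subnet_of(ali_vpc):
        problems.append("Alibaba local network is outside the Alibaba VPC")
    if not ipaddress.ip_network(ali["remote_network"]).subnet_of(aws_vpc):
        problems.append("Alibaba remote network is outside the AWS VPC")
    # Each side needs a route entry that covers the peer and not itself.
    for side, route, own, peer in (("Alibaba", ali["route_dest"], ali_vpc, aws_vpc),
                                   ("AWS", aws["route_dest"], aws_vpc, ali_vpc)):
        if route is None:
            problems.append(f"{side} has no route to the peer network")
            continue
        dest = ipaddress.ip_network(route)
        if not peer.subnet_of(dest):
            problems.append(f"{side} route {dest} does not cover {peer}")
        if dest.overlaps(own):
            problems.append(f"{side} route {dest} overlaps its own VPC")
    # The AWS customer gateway must point at the Alibaba VPN Gateway address.
    if (ipaddress.ip_address(aws["customer_gateway_ip"])
            != ipaddress.ip_address(ali["vpn_gateway_ip"])):
        problems.append("AWS customer gateway IP is not the Alibaba VPN Gateway IP")
    # Both ends must hold the same pre-shared key; min_psk_len is an assumed policy.
    if ali["psk"] != aws["psk"]:
        problems.append("pre-shared keys differ")
    elif len(ali["psk"]) < min_psk_len:
        problems.append("pre-shared key is shorter than the assumed minimum")
    return problems

# Constructed sample plan (documentation addresses, not values from the article).
ALI = {"vpc_cidr": "172.16.0.0/16", "local_network": "172.16.0.0/16",
       "remote_network": "10.0.0.0/16", "route_dest": "10.0.0.0/16",
       "vpn_gateway_ip": "203.0.113.10", "psk": "constructed-example-key-0001"}
AWS = {"vpc_cidr": "10.0.0.0/16", "route_dest": "172.16.0.0/16",
       "customer_gateway_ip": "203.0.113.10", "psk": "constructed-example-key-0001"}

if __name__ == "__main__":
    print(check_vpn_plan(ALI, AWS))                         # complete plan
    print(check_vpn_plan(ALI, dict(AWS, route_dest=None)))  # AWS route forgotten
```

An empty list means the two sides agree; each string in a non-empty list names one value to correct in the matching console step.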

Conclusion

This VPN Gateway solution allows customers who consume services in both Alibaba Cloud and AWS to have secure connectivity between the two sites over the internet.

Related Products

  1. VPN Gateway
  2. Virtual Private Cloud
  3. Elastic Compute Service

Reference:

https://www.alibabacloud.com/blog/connect-alibaba-cloud-to-aws-via-vpn-gateway_593915?spm=a2c4.12014580.0.0
