Scenario
A VPN connection is an encrypted communications channel established between a VPN gateway in a VPC and a customer gateway in your on-premises data center. You can modify a VPN connection when required.
Procedure
- Log in to the management console.
- Click
in the upper left corner and select the desired region and project. - Click
in the upper left corner of the page, and choose . - In the navigation pane on the left, choose .
- On the VPN Connections page, locate the VPN connection to modify, and click Modify VPN Connection or Modify Policy Settings.
- Modify VPN connection parameters as prompted.
- Click OK.
If you change the PSK or modify the IKE or IPsec policy of a VPN connection, ensure that the new configurations are consistent with those on the customer gateway. Otherwise, the VPN connection will be interrupted.
Only some of the parameters take effect immediately after being modified, as described in Table 1.
Item |
Parameter |
When New Settings Take Effect |
How to Modify |
|---|---|---|---|
- |
PSK |
|
|
IKEv1 policy |
|
The new settings take effect in the next negotiation period. |
Locate the VPN connection to delete, and choose More > Modify Policy Settings in the Operation column. |
IKEv1 policy |
Version |
The new setting takes effect immediately. |
Locate the VPN connection to delete, and choose More > Modify Policy Settings in the Operation column. |
IKEv2 policy |
|
The new settings take effect in the next negotiation period. |
Locate the VPN connection to delete, and choose More > Modify Policy Settings in the Operation column. |
IKEv2 policy |
Version |
The new setting takes effect immediately. |
Locate the VPN connection to delete, and choose More > Modify Policy Settings in the Operation column. |
IKEv2 policy |
|
The new settings take effect after the VPN connection is re-established. |
|
IPsec policy |
|
The new settings take effect in the next negotiation period. |
Locate the VPN connection to delete, and choose More > Modify Policy Settings in the Operation column. |
IPsec policy |
Transfer Protocol |
This parameter cannot be modified on the management console. |
Locate the VPN connection to delete, and choose More > Modify Policy Settings in the Operation column. |
Table 2 describes the parameters related to VPN connection modification.
Parameter |
Description |
Modifiable or Not |
|---|---|---|
Name |
Name of a VPN connection. The value can contain only letters, digits, underscores (_), hyphens (-), and periods (.). |
Y |
Customer Gateway |
Gateway used for communicating with a VPC through VPN. |
Y |
Customer Subnet |
Subnet in the on-premises data center that needs to access the VPC. |
Y |
Policy Settings |
There are IKE and IPsec policies. |
Y |
PSK |
The PSKs configured for the VPN gateway and customer gateway must be the same. |
Y |
VPN Gateway |
VPN gateway that has been created. |
N |
Gateway IP Address |
IP address used by the customer gateway to communicate with the VPN gateway. The value must be a static address. Ensure that UDP port 4500 is permitted in a firewall rule on the customer gateway in your on-premises data center or private network. |
N |
Interface IP Address Assignment |
Mode in which IP addresses of the local and customer interfaces are assigned. The options include Manually specify and Automatically assign. |
N |
Local Tunnel Interface Address |
Tunnel interface IP address configured on the VPN gateway. |
N |
Customer Tunnel Interface Address |
Tunnel interface IP address configured on the customer gateway device. |
N |