Creating a Client Gateway

You can create a client gateway in your corporate network.

This action identifies an existing resource in your corporate network to work as client gateway. You can then set up a VPN connection between the client gateway and a virtual gateway. For more information, see About VPN Connections and Tutorial: Setting Up a VPN Connection.

Creating a Client Gateway Using Cockpit v2

Before you begin: Create a resource to use as client gateway. For more information, see About Client Gateways.

  1. In the Client Gateways dashboard, click IconAddFull Create Client Gateway.
    The CREATE CLIENT GATEWAY dialog box appears.

  2. In the Name field, type a name for the client gateway.

    This action adds a Name tag of 255 characters maximum. You can use any character, including accented letters.

  3. In the BGP ASN field, type the appropriate Autonomous System Number (ASN) for your client gateway.

    The ASN must be between 1 and 4294967295, except 50624, 53306, and 132418.
    If you do not have an ASN, you can choose one between 64512 and 65534 (both included), or between 4200000000 and 4294967295 (both included).

  4. In the Public IP field, type the static public IP of the resource you want to use as client gateway.

    IPv6 addresses are not supported. You must use an IPv4 address.

  5. Click Create Client Gateway.
    The client gateway is created.

Creating a Client Gateway Using OSC CLI

Before you begin: Create a resource to use as client gateway. For more information, see About Client Gateways.

The CreateClientGateway command provides information about your client gateway.
This action registers information to identify the client gateway that you deployed in your network.
To open a tunnel to the client gateway, you must provide the communication protocol type, the fixed public IP of the gateway, and an Autonomous System Number (ASN).

For more information, see About Client Gateways.

Request sample
$ osc-cli api CreateClientGateway --profile "default" \
    --ConnectionType "ipsec.1" \
    --PublicIp "192.0.2.0" \
    --BgpAsn 65000

This command contains the following attributes that you need to specify:

  • BgpAsn: The Autonomous System Number (ASN) used by the Border Gateway Protocol (BGP) to find the path to your client gateway through the Internet.
    This number must be between 1 and 4294967295, except 50624, 53306, and 132418.
    If you do not have an ASN, you can choose one between 64512 and 65534 (both included), or between 4200000000 and 4294967295 (both included).

  • ConnectionType: The communication protocol used to establish tunnel with your client gateway (always ipsec.1).

  • DryRun: (optional) If true, checks whether you have the required permissions to perform the action.

  • PublicIp: The public fixed IPv4 address of your client gateway.

The CreateClientGateway command returns the following elements:

  • ClientGateway: Information about the client gateway.

    • BgpAsn: The Autonomous System Number (ASN) used by the Border Gateway Protocol (BGP) to find the path to your client gateway through the Internet.

    • ClientGatewayId: The ID of the client gateway.

    • ConnectionType: The type of communication tunnel used by the client gateway (always ipsec.1).

    • PublicIp: The public IPv4 address of the client gateway (must be a fixed address into a NATed network).

    • State: The state of the client gateway (pending | available | deleting | deleted).

    • Tags: One or more tags associated with the client gateway.

      • Key: The key of the tag, with a minimum of 1 character.

      • Value: The value of the tag, between 0 and 255 characters.

  • ResponseContext: Information about the context of the response.

    • RequestId: The ID of the request.

Result sample
{
  "ResponseContext": {
    "RequestId": "0475ca1e-d0c5-441d-712a-da55a4175157"
  },
  "ClientGateway": {
    "State": "available",
    "BgpAsn": 65000,
    "Tags": [],
    "ClientGatewayId": "cgw-12345678",
    "ConnectionType": "ipsec.1",
    "PublicIp": "192.0.2.0"
  }
}

Creating a Client Gateway Using oapi-cli

Before you begin: Create a resource to use as client gateway. For more information, see About Client Gateways.

The CreateClientGateway command provides information about your client gateway.
This action registers information to identify the client gateway that you deployed in your network.
To open a tunnel to the client gateway, you must provide the communication protocol type, the fixed public IP of the gateway, and an Autonomous System Number (ASN).

For more information, see About Client Gateways.

Request sample
$ oapi-cli --profile "default" CreateClientGateway \
    --ConnectionType "ipsec.1" \
    --PublicIp "192.0.2.0" \
    --BgpAsn 65000

This command contains the following attributes that you need to specify:

  • BgpAsn: The Autonomous System Number (ASN) used by the Border Gateway Protocol (BGP) to find the path to your client gateway through the Internet.
    This number must be between 1 and 4294967295, except 50624, 53306, and 132418.
    If you do not have an ASN, you can choose one between 64512 and 65534 (both included), or between 4200000000 and 4294967295 (both included).

  • ConnectionType: The communication protocol used to establish tunnel with your client gateway (always ipsec.1).

  • DryRun: (optional) If true, checks whether you have the required permissions to perform the action.

  • PublicIp: The public fixed IPv4 address of your client gateway.

The CreateClientGateway command returns the following elements:

  • ClientGateway: Information about the client gateway.

    • BgpAsn: The Autonomous System Number (ASN) used by the Border Gateway Protocol (BGP) to find the path to your client gateway through the Internet.

    • ClientGatewayId: The ID of the client gateway.

    • ConnectionType: The type of communication tunnel used by the client gateway (always ipsec.1).

    • PublicIp: The public IPv4 address of the client gateway (must be a fixed address into a NATed network).

    • State: The state of the client gateway (pending | available | deleting | deleted).

    • Tags: One or more tags associated with the client gateway.

      • Key: The key of the tag, with a minimum of 1 character.

      • Value: The value of the tag, between 0 and 255 characters.

  • ResponseContext: Information about the context of the response.

    • RequestId: The ID of the request.

Result sample
{
  "ResponseContext": {
    "RequestId": "0475ca1e-d0c5-441d-712a-da55a4175157"
  },
  "ClientGateway": {
    "State": "available",
    "BgpAsn": 65000,
    "Tags": [],
    "ClientGatewayId": "cgw-12345678",
    "ConnectionType": "ipsec.1",
    "PublicIp": "192.0.2.0"
  }
}

Creating a Customer Gateway Using AWS CLI

Before you begin:

To create a customer gateway, use the create-customer-gateway command following this syntax:

Request sample
$ aws ec2 create-customer-gateway \
    --profile YOUR_PROFILE \
    --bgp-asn 65000 \
    --public-ip 198.18.7.207 \
    --type ipsec.1 \
    --endpoint https://fcu.eu-west-2.outscale.com

This command contains the following attributes that you need to specify:

  • (optional) profile: The named profile you want to use, created when configuring AWS CLI. For more information, see Installing and Configuring AWS CLI.

  • bgp-asn: The Autonomous System Number (ASN) used by the Border Gateway Protocol (BGP) to find the path to your customer gateway through the internet. For more information, see About Client Gateways.

    The ASN must be between 1 and 4294967295, except 50624, 53306, and 132418.
    If you do not have an ASN, you can choose one between 64512 and 65534 (both included), or between 4200000000 and 4294967295 (both included).

  • public-ip: The public IP of the resource you want to use as customer gateway.

    IPv6 addresses are not supported. You must use an IPv4 address.

  • type: The type of VPN connection the customer gateway supports (always ipsec.1).

  • endpoint: The endpoint corresponding to the Region you want to send the request to. For more information, see Installing and Configuring AWS CLI.

The create-customer-gateway command returns the following elements:

  • CustomerGateway: Information about the newly created customer gateway. This element contains the following information:

    • Tags: One or more tags associated with the customer gateway. This element contains the following information:

      • Key: The key of the tag.

      • Value: The value of the tag.

    • Type: The type of VPN connection the customer gateway supports (always ipsec.1).

    • State: The state of the customer gateway (pending | available | deleting | deleted). For more information, see About Client Gateways.

    • CustomerGatewayId: The ID of the customer gateway.

    • BgpAsn: The ASN used by the Border Gateway Protocol (BGP) to find the path to your customer gateway through the internet. For more information, see About Client Gateways.

    • IpAddress: The public IP of the customer gateway.

Result sample
{
    "CustomerGateway": {
        "Tags": [],
        "Type": "ipsec.1",
        "State": "available",
        "CustomerGatewayId": "cgw-73a7fba3",
        "BgpAsn": "65000",
        "IpAddress": "198.18.7.207"
    }
}

The specified resource is identified as customer gateway.

Related Pages

Corresponding API Methods

AWS™ and Amazon Web Services™ are trademarks of Amazon Technologies, Inc or its affiliates in the United States and/or other countries.