You can create a VPN connection between your corporate network and one of your Virtual Private Clouds (VPCs) in the 3DS OUTSCALE Cloud.

This action creates a secure VPN tunnel between a customer gateway and a virtual private gateway. The VPN connection remains in the pending state until traffic is generated from the customer gateway. For more information, see About VPN Connections.

After you create a VPN connection, you need to configure it. For more information, see Configuring Your VPN Connections.

The following procedures are available:

Creating a VPN Connection Using Cockpit

Before you begin: Create the required resources. For more information, see Tutorial: Setting up a VPN Connection.


  1. In the
    Unable to render {include} The included page could not be found.
     of the IaaS section,
     click VPC > VPN Connections.

  2. Click Create  .
    The CREATE VPN CONNECTION dialog box appears.

  3. Select the following information: 
    1. From the Customer gateway list, the ID of the customer gateway you want to use. 
    2. From the Virtual private gateway list, the ID of the virtual private gateway you want to use. 
    3. From the Routing list, the type of routing you want to use. For more information, see About Network and Routing Configuration for VPN Connections > Static and Dynamic Routing.

      If you select static routing, you can create routes for the VPN connection. If you select dynamic routing, you do not need to create routes. For more information, see Creating a VPN Connection Route.

  4. Click Create to validate. 
    The VPN connection is created.

    To download the configuration information in XML format, select the VPN connection and click Configuration .

Creating a VPN Connection Using AWS CLI

Before you begin: Create the required resources. For more information, see Tutorial: Setting up a VPN Connection.


  • To create a VPN connection, use the create-vpn-connection command following this syntax:

    Request sample
    $> aws ec2 create-vpn-connection \
    	--profile YOUR_PROFILE \
    	--customer-gateway-id cgw-f491f6d9 \
    	--vpn-gateway-id vgw-00ac2c82 \
    	--type ipsec.1 \
    	--options {\"StaticRoutesOnly\":true} \
    	--endpoint https://fcu.eu-west-2.outscale.com  

    This command contains the following attributes that you need to specify:

    • (optional) profile: The named profile you want to use, created when configuring AWS CLI. For more information, see Using AWS CLI with the 3DS OUTSCALE Cloud.
    • customer-gateway-id: The ID of the customer gateway you want to use. For more information, see Managing Your Customer Gateways.
    • vpn-gateway-id: The ID of the virtual private gateway you want to use. For more information, see Managing Your Virtual Private Gateways.
    • type: The type of VPN connection (always ipsec.1). For more information, see About VPN Connections
    • (optional) options: Information about the routing options for the VPN connection. This attribute contains the following element that you need to specify: 
      • StaticRoutesOnly: By default or if set to falsethe VPN connection uses dynamic routing with Border Gateway Protocol (BGP). If set to true, it uses static routing. For more information, see About Routing Configuration for VPN Connections.
    • endpoint: The endpoint corresponding to the Region you want to send the request to.


    The create-vpn-connection command returns the following elements:

    • VpnConnection: Information about the newly created VPN connection. This element contains the following information: 
      • VpnConnectionId: The ID of the VPN connection. 
      • Tags: One or more tags associated with the VPC peering connection. This element contains the following information: 
        • Key: The key of the tag. 
        • Value: The value of the tag. 
      • CustomerGatewayConfiguration: The configuration to apply to the customer gateway to establish the connection, in XML format. For more information, see Configuring Your VPN Connections.
      • Routes: Information about the static routes associated with the connection, if any. This element contains the following information: 
        • DestinationCidrBlock: The destination range of IP addresses of the route, in CIDR notation.
        • Source: The type of route (always static).
        • State: The state of the static route (pending | available | deleting | deleted).
      • VgwTelemetry: Information about the state of the VPN tunnel. This element contains the following information: 
        • Status: The state of the VPN tunnel (UP | DOWN). For more information, see About VPN Connections. 
        • AcceptedRouteCount: The number of accepted routes through the Border Gateway Protocol (BGP) route exchanges. 
        • OutsideIpAddress: The IP address on the external interface of the virtual private gateway.
        • LastStatusChange: The date and time of the last state change of the VPN tunnel. 
        • StatusMessage: A description of the current state of the VPN tunnel. 
      • State: The state of the VPN connection (pending | available | deleting | deleted). For more information, see About VPN Connections
      • VpnGatewayId: The ID of the virtual private gateway.
      • CustomerGatewayId: The ID of the customer gateway. 
      • Type: The type of VPN connection (always ipsec.1).
      • Options: Information about the routing options of the VPN connection. This element contains the following information: 
        • StaticRoutesOnlyBy default or if set to false, the VPN connection uses dynamic routing with Border Gateway Protocol (BGP). If set to true, it uses static routing. For more information, see About Routing Configuration for VPN Connections.
    Result sample
     {
        "VpnConnection": {
            "VpnConnectionId": "vpn-c750ea06", 
            "Tags": [], 
            "CustomerGatewayConfiguration": CONFIGURATION_INFORMATION, 
            "Routes": [], 
            "VgwTelemetry": [
                {
                    "Status": "DOWN", 
                    "AcceptedRouteCount": 0, 
                    "OutsideIpAddress": "171.33.67.245", 
                    "LastStatusChange": "2017-02-01T14:08:51.649Z", 
                    "StatusMessage": "IPSEC IS DOWN"
                }
            ], 
            "State": "pending", 
            "VpnGatewayId": "vgw-00ac2c82", 
            "CustomerGatewayId": "cgw-f491f6d9", 
            "Type": "ipsec.1", 
            "Options": {
                "StaticRoutesOnly": false
            }
        }
    }
    

    The VPN connection is created. 


Windows® is a registered trademark of Microsoft Corporation in the United States and/or other countries.

AWS™ and Amazon Web Services™ are trademarks of Amazon Technologies, Inc or its affiliates in the United States and/or other countries.

See Legal Mentions.