VPN Learning Only Flashcards
Never be afraid of deploying a VPN tunnel of any kind. (15 cards)
Establishes a secure encrypted communications tunnel, in compliance with industry standards, between a local data center and a VPC or between two VPCs on the cloud.
Virtual Private Network (VPN)
In Huawei Cloud VPN, which kind of gateways can be deployed to achieve high availability?
Active/Active gateways.
Which protocols are used by Huawei for data encryption?
IKE and IPsec
About the Bandwidth for a VPN connection - Classic
The bandwidth is shared by all VPN connections created for the VPN gateway. The total bandwidth size used by all VPN connections created for a VPN gateway cannot exceed the VPN gateway bandwidth size.
During the use of VPN, if the network traffic exceeds the VPN gateway bandwidth, network congestion may occur and VPN connections may be interrupted. As such, ensure that you configure enough bandwidth.
You can configure alarm rules on Cloud Eye to monitor the bandwidth.
What is the remote gateway?
The public IP address of the gateway in your data center or on the private network. This IP address is used for communicating with your VPC.
What is the remote subnet?
The subnets of your on-premises network that will access a VPC through a VPN. The remote and local subnets cannot overlap with each other. The remote subnet cannot overlap with CIDR blocks involved in existing VPC peering, Direct Connect, or Cloud Connect connections created for the local VPC.
What is the PSK in a VPN connection?
A pre-shared key (PSK) is a secret string of characters used to authenticate the VPN tunnel between two devices, such as a client and a server. It’s a shared secret that both ends of the connection must know to establish a secure tunnel.
___________________ key exchange algorithm is a cryptographic protocol that allows two parties to securely establish a shared secret key over an insecure communication channel.
The Diffie-Hellman
In VPN tunnels, the lifetime of a Security Association (SA) refers to
how long the SA, which includes encryption keys and other settings, will be valid before it’s automatically replaced.
The policies/rules in both protocols for VPNs on Huawei Cloud are very similar. The biggest difference between them is the lifetime of the SA (security association), which determines how long the keys and other settings remain valid before they are replaced. It is measured in seconds: for IKE that time is __________ and for IPsec ____________.
86400 (1 day)
3600 (1 hour)
S2C VPN tunnels use the IPsec and IKE protocols, unlike P2C, which uses the ________________
Secure Sockets Layer. It is a protocol that creates an encrypted connection between a client and a server, typically a web browser and a website. This encryption ensures that data transmitted between the two is secure and confidential, preventing unauthorized access and eavesdropping.
S2C VPN involves three key components:
VPN gateway, customer gateway, and VPN connection.
A ____________ provides an Internet egress for a Virtual Private Cloud (VPC) to connect to a customer gateway in your on-premises data center.
VPN gateway
A _________________ connects a VPN gateway to a customer gateway through encrypted tunnels, enabling communication between a VPC and your on-premises data center. This helps quickly establish a secure hybrid cloud environment.
VPN connection