This is the multi-page printable view of this section. Click here to print.

Return to the regular view of this page.

VPN

1: Overview

2: How-to guides

2.1: VPN Tunnel

3: API Reference

4: CLI Reference

5: Release Note

1 - Overview

Service Overview

VPN (Virtual Private Network) is a service that connects the customer network and Samsung Cloud Platform through an encrypted virtual private network.

Features

Rapid Service Provision You can set up automated services through the web-based Console, and you can use the VPN service immediately without any waiting time after creating the service.
Secure Access You can safely access your internal network built on the Samsung Cloud Platform from your customer’s network outside through encrypted virtual tunneling using a performance and stability verified IPsec VPN.
Easy Operation Environment You can easily and quickly manage web-based deployment, capacity provisioning, and service updates without the complex network environment configuration.
Efficient Service Use It is possible to manage costs efficiently because you can pay only for the amount of service used without any separate installation costs.

Provided Features

VPN provides the following functions.

Providing virtual tunneling encrypted with IPsec
- Compatible VPN: Secui – Bluemax (TG360),Paloalto,Axgate,Cisco-router/ASA/Meraki, Checkpoint,AWS,Azure,Vmware NSX-T
Create Virtual Private Gateway
- Create a Gateway to connect the customer’s network to a private network that cannot be accessed from the outside
VPN Tunnel Creation
- Select IPsec VPN Gateway (The maximum number of VPN Tunnels per VPN Gateway is 5)
- IPsec VPN Gateway redundancy configuration, when a failure occurs in the Active device, the Standby device operates automatically

Constraints

Division	Basic Quota	Detailed Description
VPN Gateway	3	3 creations possible per Account
VPN Tunnel	5	Up to 5 can be created per VPN Gateway

Table. VPN Restrictions

Region-based provision status

VPN is available in the following environments.

Region	Availability
Western Korea(kr-west1)	Provided
South Korea, southern region1(kr-south1)	Not provided
South Korea, southern region 2(kr-south2)	Not provided
South Korea southern region 3(kr-south3)	Provided

Table. Current Status of VPN Services by Region

Preceding Service

Service Category	Service	Detailed Description
Networking	VPC	A service that provides an independent virtual network in a cloud environment

Fig. Preceding VPN Service

2 - How-to guides

VPN creation

Samsung Cloud Platform Console where VPN services can be created and used.

Caution

VPN can be created up to 3 per Account. If the creation limit is exceeded, a new VPN cannot be created.

To create a VPN, follow the following procedure.

All services > Networking > VPN menu, click. It moves to the Service Home page of VPN.
Service Home page, click the Create VPN button. It moves to the Create VPN page.
VPN creation page where you enter the information required for service creation and select detailed options.

Service Information Input area, please enter the necessary information.

Classification	Necessity	Detailed Description
VPN Gateway name	required	Enter the VPN Gateway name Enter within 3-20 characters using English uppercase and lowercase letters, and numbers
Connected VPC Name	Required	Select the VPC connected to the VPN Gateway
Public IP	required	Select the IP to communicate with the remote site from the VPN Gateway

Table. VPN service information input items

Additional Information Input area, please enter or select the required information.

Classification	Mandatory	Detailed Description
Description	Selection	User Additional Description Up to 255 characters can be entered
Tag	Select	Add Tag Up to 50 can be added per resource Click the Add Tag button and enter or select Key, Value

Classification

Mandatory

Detailed Description

Description

Selection

User Additional Description

Up to 255 characters can be entered

Tag

Select

Add Tag

Up to 50 can be added per resource

Click the Add Tag button and enter or select Key, Value

Table. Additional Information Input Items for VPN Service

Summary panel where you created detailed information and estimated billing amount, and click the Complete button.

Once creation is complete, check the created resource on the VPN list page.

VPN detailed information check

VPN service can check and modify the entire resource list and detailed information. The VPN details page consists of details, tags, operation history tabs.

To check the detailed information of the VPN service, follow the following procedure.

All services > Networking > VPN menu, click. It moves to the Service Home page of VPN.
Service Home page, click the VPN menu. It moves to the VPN list page.
VPN list page, click on the resource to check the detailed information. It moves to the VPN details page.

VPC Details page displays status information and additional feature information, and consists of Details, Tags, Operation History tabs.

Detailed Information

VPN list page where you can check the operation history of the selected resource.

Classification	Detailed Description
Status	Current Status Active: Normal operation in progress Creating: Creation in progress Editing: Configuration in progress Deleting: Cancellation in progress Error: Current status unknown If it occurs continuously, please contact the registered administrator
Service Cancellation	VPN Service Cancellation
Service	Service Name
Resource Type	Resource Type
SRN	Unique resource ID in Samsung Cloud Platform
Resource Name	VPN Resource Name
Resource ID	Unique resource ID in the service
Creator	The user who created the service
Creation Date	The date and time the service was created
Editor	User who modified the service
Revision Date	Date and time when the service information was revised
VPN Gateway name	VPN Gateway name
Connected VPC Name	Name of VPC connected to VPN
Public IP	VPN Gateway where IP information is used to communicate with the remote site
Description	Additional description written by the user Edit icon can be clicked for modification

Table. VPN Detailed Information Items

Classification	Detailed Description
Tag List	Tag List Check Key, Value information of the tag Up to 50 tags can be added per resource When entering a tag, search and select from the existing list of created Key and Value

Work History

VPN details page where you can check the operation history of the selected resource.

Classification	Detailed Description
Work history list	Resource change history Check work time, resource name, work details, work result, and worker information

Table. VPN task history tab detailed information items

VPN cancellation

You can cancel the unused VPC to reduce operating costs. However, when canceling the service, the operating service may be stopped immediately, so you should consider the impact of stopping the service sufficiently and proceed with the cancellation work.

Caution

VPN Tunnel etc., in case there are resources connected to VPN, they cannot be canceled.
The VPN service cannot be canceled when its status is Creating, Editing.

To cancel the VPN, follow the following procedure.

All Services > Networking > VPN menu, click. It moves to the Service Home page of VPN.
Service Home page, click the VPN menu. It moves to the VPN list page.
VPN list page, select the resource to be canceled. It moves to the VPN details page.
VPN details page, click the cancel service button.
Once the cancellation is complete, check if the resource has been cancelled on the VPN list page.

2.1 - VPN Tunnel

VPN Tunnel creation

You can configure IPSec Tunning with a remote site in the VPN service on the Samsung Cloud Platform Console.

To create a VPN Tunnel, follow the following procedure.

All services > Networking > VPN menu, click. It moves to the Service Home page of VPN.
Service Home page, click the VPN Tunnel creation button. It moves to the VPN Tunnel creation page.
VPN Tunnel Creation page where you enter the information required for service creation and select detailed options.

Service Information Input area, please enter the necessary information.

Classification	Mandatory	Detailed Description
VPN Tunnel name	required	Enter the VPN Tunnel name Use English uppercase and lowercase letters, numbers within 3-20 characters
VPC Gateway name	required	VPN Gateway to be selected
VPC name	default	Check VPC information connected to VPN Gateway
Public IP	Basic	Check IP information for communication with the remote site from the VPN Gateway
Peer VPN GW IP	required	enter the IP information of the remote VPN Example: 192.168.10.0
Romote Subnet(CIDR)	required	enter the subnet address of the remote site to connect click the add button after entering the IP address, up to 10 can be added example: 20.0.0.0/24
Pre-shared Key	required	Enter the shared key (PSK) to be used for IKE mutual authentication between VPN gateways Minimum 8 characters ~ Maximum 64 characters limited It is recommended to use a 32-character string of alphanumeric characters
Description	Selection	User Additional Description Up to 255 characters can be entered

Table. VPN Tunnel Service Configuration Items

Tunnel settings area where you can enter or select the required information.

Classification	Mandatory	Detailed Description
IKE 설정 > IKE Version	required	IKE version selection
IKE settings > Algorithm settings	required	Encryption Algorithm and Digest Algorithm are selected and the Add button is clicked
IKE 설정 > Diffie-Hellman	required	Diffie-Hellman group selection
IKE 설정 > SA LifeTime	required	VPN session (Security Association) valid time input
IPSec settings > Algorithm settings	required	Select Encryption Algorithm and Digest Algorithm, and click the Add button
IPSec settings > Perfect Forward Secrecy(PFS)	required	Select whether to use the PFS group
IPSec settings > Diffie-Hellman	required	Select Diffie-Hellman group
IPSec settings > SA LifeTime	required	Enter the valid time of the VPN session (Security Association)

Table. VPN Tunnel Setup Items

Additional Information Input area, please enter or select the required information.

Classification	Mandatory	Detailed Description
DPD additional settings > DPD probe interval	required	Enter the DPD inspection cycle Enter a value between 1-3,600 seconds
Tag	Selection	Add Tag Up to 50 can be added per resource Click the Add Tag button and enter or select Key, Value

Classification

Mandatory

Detailed Description

DPD additional settings > DPD probe interval

required

Enter the DPD inspection cycle

Enter a value between 1-3,600 seconds

Tag

Selection

Add Tag

Up to 50 can be added per resource

Click the Add Tag button and enter or select Key, Value

Table. Security Group Additional Information Input Items

Summary panel where you created detailed information and estimated billing amount, and click the Complete button.

Once creation is complete, check the created resource on the VPN Tunnel list page.

VPN Tunnel detailed information check

VPN Tunnel service can check and modify the entire resource list and detailed information. The VPN Tunnel details page consists of details, tags, and operation history tabs.

To check the VPN details, follow the following procedure.

All services > Networking > VPN menu, click. It moves to the Service Home page of VPN.
Service Home page, click the VPN Tunnel creation button. It moves to the VPN Tunnel list page.
VPN Tunnel list page, click on the resource to check the detailed information. It moves to the VPN Tunnel details page.

VPN Tunnel details page displays status information and additional feature information, and consists of details, tags, operation history tabs.

Classification	Detailed Description
Status	Current Status Active: Normal operation in progress Creating: Being created Editing: Information being changed Deleting: Being deleted Error: Current status cannot be confirmed If it occurs continuously, contact the registered administrator
VPN Tunnel deletion	VPN Tunnel deletion button

Classification

Detailed Description

Status

Current Status

Active: Normal operation in progress

Creating: Being created

Editing: Information being changed

Deleting: Being deleted

Error: Current status cannot be confirmed
- If it occurs continuously, contact the registered administrator

VPN Tunnel deletion

VPN Tunnel deletion button

Table. VPN Tunnel Status Information and Additional Functions

Detailed Information

VPN Tunnel list page where you can check the detailed information of the selected resource and modify the information if necessary.

Classification	Detailed Description
Service	Service Name
Resource Type	Resource Type
SRN	Unique resource ID in Samsung Cloud Platform
Resource Name	VPN Resource Name
Resource ID	Unique resource ID in the service
Creator	User who created the service
Creation Time	The time when the service was created
Modifier	User who modified the service information
Modified Time	The time when service information was modified
VPN Tunnel name	VPN Tunnel title
VPN Gateway name	VPN Gateway title
Public IP	Public IP information
Peer VPN GW IP	Peer VPN GW information Edit icon can be clicked for modification
Remote Subnet (CIDR)	Remote Subnet information Edit icon can be clicked for modification
Pre-shared Key	Pre-shared Key information Edit icon can be clicked for modification
IKE	Revision button to click and modify the setting information in bulk possible
IKE Version	IKE Version Information
Encryption Algorithm/Digest Algorithm	Algorithm Information
Diffie-Hellman	Diffie-Hellman information
SA LifeTime	SA LifeTime information
IPSec	Modify button to click and modify the setting information in bulk
Encryption Algorithm/Digest Algorithm	Algorithm Information
Diffie-Hellman	Diffie-Hellman information
SA LifeTime	SA LifeTime information
Perfect Forward Secrecy(PFS)	PFS setting information
DPD probe interval	DPD probe interval information Edit icon can be clicked for modification

Table. VPN Tunnel detailed information items

Classification	Detailed Description
Tag List	Tag List Check Key, Value information of the tag Up to 50 tags can be added per resource When entering a tag, search and select from the existing list of created Key and Value

Work History

VPN Tunnel list page where you can check the operation history of the selected resource.

Classification	Detailed Description
Work history list	Resource change history Check work time, resource name, work details, work result, and worker information

Fig. VPN Tunnel Work History Tab Detailed Information Items

VPN Tunnel deletion

You can delete unused VPC Tunnels to reduce operating costs. However, deleting a Tunnel can immediately stop services in operation, so you must consider the impact of service interruption before proceeding with the deletion work.

To cancel the VPN, follow the following procedure.

All services > Networking > VPN menu, click. It moves to the Service Home page of VPN.
Service Home page, click the VPN Tunnel creation button. It moves to the VPN Tunnel list page.
VPN Tunnel list page, click on the resource to check the detailed information. It moves to the VPN Tunnel details page.
VPN Tunnel deletion button should be clicked.
Once the cancellation is complete, please check if the resource has been deleted from the VPN Tunnel list page.

3 - API Reference

API Reference

4 - CLI Reference

CLI Reference

5 - Release Note

VPN

2025.10.23

FEATURE Change in the number of additional remote site subnets for VPN Tunnel

You can enter up to 10 remote subnets (CIDR).

2024.02.27

NEW Official Release of VPN Service

A VPN service has been released that connects the customer network and Samsung Cloud Platform through an encrypted (IPSec) virtual private network.