- Product Introduction
- Purchase Guide
- Getting Started
- Operation Guide
- Operation Guide Overview
- Use Limits Overview
- Instances
- Creating Instances
- Batch Sequential Naming or Pattern String-Based Naming
- Resource Adjustment
- Query Info
- Renaming Instances
- Resetting Instance Password
- Management instance IP address
- Change Instance Subnet
- Change Security Group
- Search Instances
- Export Instances
- Querying the Repossession Status of a Spot Instance
- Renew Instances
- Shutdown Instances
- Restarting Instances
- Logging into Linux Instance
- Logging into Windows instance
- Reinstalling System
- Terminating Instances
- Instance Expires
- Spot Instances
- No Charges When Shut down for Pay-as-You-Go Instances
- Images
- Service Migration
- Online Migration
- Overview
- Online Migration Tool
- Tencent Cloud Migration Tutorial
- Migration Tutorial for Different Source Environments
- Migrating AWS EC2 Data to Tencent Cloud
- Migrating Alibaba Cloud ECS Data to Tencent Cloud
- Migrating Huawei Cloud ECS Data to Tencent Cloud
- Migrating UCloud UHost Data to Tencent Cloud
- Migrating Baidu Cloud BCC Data to Tencent Cloud
- Migrating VMWare Virtual Machine Data to Tencent Cloud
- Migrating China Telecom e-Cloud Cloud Server Data to Tencent Cloud
- Offline Migration
- Contact Us
- Online Migration
- Network
- Cloud Block Storage
- Security
- Security Groups
- Protection of Sensitive Operations
- Managing Login Password
- Managing SSH keys
- Spread Placement Group
- Unblocking Port 25
- Tags
- Monitoring and Alarms
- Console Example
- Best Practice
- Best Practices
- Setting up a Website
- Building an Environment
- Building a Website
- Building an Application
- Network Performance Test
- Using RemoteFx to Redirect USB Devices in Windows
- Using USB/IP to Share USB Devices in Linux
- OPS Guide
- Mount Data Disks
- Environment Configurations
- Upload File
- Copying Local Files to CVMs
- Uploading Files from MacOS to Windows CVM using MRD
- Uploading Files from Linux to Windows CVM using RDP
- Uploading Files from Linux to a CVM Using FTP
- Uploading files via WinSCP to a Linux CVM from Windows
- Uploading Files from Windows to a CVM Using FTP
- Uploading Files via SCP to a Linux CVM from Linux
- Uploading Files from Windows to a Windows CVM using MSTSC
- Installing Software
- User Data
- System-related
- Others
- Troubleshooting Issues
- Instance Related Failures
- Failed to shut down or restart a CVM
- Remote Connect Failure Due to Security Group Settings
- About Linux Instances
- About Windows Instances
- Windows Instance Login Failure
- Requires network-level identity verification
- Connection to a Windows CVM through Remote Desktop was denied
- An authentication error occurred when you tried to log in to a Windows instance remotely
- Problems occurred when you tried to log in to a Windows CVM remotely on Mac
- Credentials Not Work
- Failed to log in to a Windows CVM due to high CPU and memory usage
- Failed to connect to a remote computer through Remote Desktop
- Remote Login Failure Due To Port Issues
- Windows instance: no remote Desktop license server can provide license
- Network Namespace Creation Failure
- CVM Login Failures
- Login Failure Due to High Bandwidth Occupation
- Login Failure Due to Server Isolation
- Failed to Reset the CVM Password or the CVM Password Is Invalid
- Network Related Failures
- Downloading Remote Desktop for Mac
- Instance Related Failures
- API Documentation
- Introduction
- API Category
- Making API Requests
- CDH APIs
- Image APIs
- Key APIs
- Instance APIs
- AssociateSecurityGroups
- CreateDisasterRecoverGroup
- DeleteDisasterRecoverGroups
- DescribeDisasterRecoverGroupQuota
- DescribeInstanceFamilyConfigs
- DescribeDisasterRecoverGroups
- DescribeInstanceTypeConfigs
- DescribeInstanceVncUrl
- DescribeInstances
- DescribeInstancesOperationLimit
- DescribeInstancesStatus
- DescribeInternetChargeTypeConfigs
- DescribeZoneInstanceConfigInfos
- DisassociateSecurityGroups
- InquiryPriceResetInstance
- InquiryPriceResetInstancesInternetMaxBandwidth
- InquiryPriceResetInstancesType
- InquiryPriceResizeInstanceDisks
- InquiryPriceRunInstances
- ModifyDisasterRecoverGroupAttribute
- ModifyInstancesAttribute
- ModifyInstancesProject
- ModifyInstancesVpcAttribute
- RebootInstances
- ResetInstance
- ResetInstancesInternetMaxBandwidth
- ResetInstancesPassword
- ResetInstancesType
- ResizeInstanceDisks
- RunInstances
- StartInstances
- StopInstances
- TerminateInstances
- Region APIs
- Data Types
- Error Codes
- FAQs
- Service Agreement
- Notice
- Glossary
- Product Introduction
- Purchase Guide
- Getting Started
- Operation Guide
- Operation Guide Overview
- Use Limits Overview
- Instances
- Creating Instances
- Batch Sequential Naming or Pattern String-Based Naming
- Resource Adjustment
- Query Info
- Renaming Instances
- Resetting Instance Password
- Management instance IP address
- Change Instance Subnet
- Change Security Group
- Search Instances
- Export Instances
- Querying the Repossession Status of a Spot Instance
- Renew Instances
- Shutdown Instances
- Restarting Instances
- Logging into Linux Instance
- Logging into Windows instance
- Reinstalling System
- Terminating Instances
- Instance Expires
- Spot Instances
- No Charges When Shut down for Pay-as-You-Go Instances
- Images
- Service Migration
- Online Migration
- Overview
- Online Migration Tool
- Tencent Cloud Migration Tutorial
- Migration Tutorial for Different Source Environments
- Migrating AWS EC2 Data to Tencent Cloud
- Migrating Alibaba Cloud ECS Data to Tencent Cloud
- Migrating Huawei Cloud ECS Data to Tencent Cloud
- Migrating UCloud UHost Data to Tencent Cloud
- Migrating Baidu Cloud BCC Data to Tencent Cloud
- Migrating VMWare Virtual Machine Data to Tencent Cloud
- Migrating China Telecom e-Cloud Cloud Server Data to Tencent Cloud
- Offline Migration
- Contact Us
- Online Migration
- Network
- Cloud Block Storage
- Security
- Security Groups
- Protection of Sensitive Operations
- Managing Login Password
- Managing SSH keys
- Spread Placement Group
- Unblocking Port 25
- Tags
- Monitoring and Alarms
- Console Example
- Best Practice
- Best Practices
- Setting up a Website
- Building an Environment
- Building a Website
- Building an Application
- Network Performance Test
- Using RemoteFx to Redirect USB Devices in Windows
- Using USB/IP to Share USB Devices in Linux
- OPS Guide
- Mount Data Disks
- Environment Configurations
- Upload File
- Copying Local Files to CVMs
- Uploading Files from MacOS to Windows CVM using MRD
- Uploading Files from Linux to Windows CVM using RDP
- Uploading Files from Linux to a CVM Using FTP
- Uploading files via WinSCP to a Linux CVM from Windows
- Uploading Files from Windows to a CVM Using FTP
- Uploading Files via SCP to a Linux CVM from Linux
- Uploading Files from Windows to a Windows CVM using MSTSC
- Installing Software
- User Data
- System-related
- Others
- Troubleshooting Issues
- Instance Related Failures
- Failed to shut down or restart a CVM
- Remote Connect Failure Due to Security Group Settings
- About Linux Instances
- About Windows Instances
- Windows Instance Login Failure
- Requires network-level identity verification
- Connection to a Windows CVM through Remote Desktop was denied
- An authentication error occurred when you tried to log in to a Windows instance remotely
- Problems occurred when you tried to log in to a Windows CVM remotely on Mac
- Credentials Not Work
- Failed to log in to a Windows CVM due to high CPU and memory usage
- Failed to connect to a remote computer through Remote Desktop
- Remote Login Failure Due To Port Issues
- Windows instance: no remote Desktop license server can provide license
- Network Namespace Creation Failure
- CVM Login Failures
- Login Failure Due to High Bandwidth Occupation
- Login Failure Due to Server Isolation
- Failed to Reset the CVM Password or the CVM Password Is Invalid
- Network Related Failures
- Downloading Remote Desktop for Mac
- Instance Related Failures
- API Documentation
- Introduction
- API Category
- Making API Requests
- CDH APIs
- Image APIs
- Key APIs
- Instance APIs
- AssociateSecurityGroups
- CreateDisasterRecoverGroup
- DeleteDisasterRecoverGroups
- DescribeDisasterRecoverGroupQuota
- DescribeInstanceFamilyConfigs
- DescribeDisasterRecoverGroups
- DescribeInstanceTypeConfigs
- DescribeInstanceVncUrl
- DescribeInstances
- DescribeInstancesOperationLimit
- DescribeInstancesStatus
- DescribeInternetChargeTypeConfigs
- DescribeZoneInstanceConfigInfos
- DisassociateSecurityGroups
- InquiryPriceResetInstance
- InquiryPriceResetInstancesInternetMaxBandwidth
- InquiryPriceResetInstancesType
- InquiryPriceResizeInstanceDisks
- InquiryPriceRunInstances
- ModifyDisasterRecoverGroupAttribute
- ModifyInstancesAttribute
- ModifyInstancesProject
- ModifyInstancesVpcAttribute
- RebootInstances
- ResetInstance
- ResetInstancesInternetMaxBandwidth
- ResetInstancesPassword
- ResetInstancesType
- ResizeInstanceDisks
- RunInstances
- StartInstances
- StopInstances
- TerminateInstances
- Region APIs
- Data Types
- Error Codes
- FAQs
- Service Agreement
- Notice
- Glossary
Allow CVMs withtout Internet access to access Internet
Last updated: 2020-06-24 17:54:17
Overview
If you select a bandwidth with an upper limit of 0 Mbps when purchasing a CVM, the CVM will be unable to access the public network. This document uses CentOS 7.5 as an example to describe how a CVM without a public IP address can access the public network by connecting to a CVM with a public IP address through a PPTP VPN.
Prerequisites
- Two CVMs in the same VPC instance have been created. One CVM does not have a public IP address and the other CVM has a public IP address.
- The private IP address of the CVM with a public IP address has been obtained.
Directions
Configuring PPTP on the CVM with a public IP address
- Log in to the CVM with a public IP address.
- Run the following command to install PPTP:
yum install -y pptpd - Run the following command to open the
pptpd.confconfiguration file:vim /etc/pptpd.conf - Press i to switch to the editing mode and add the following code at the bottom of the file.
localip 192.168.0.1 remoteip 192.168.0.234-238,192.168.0.245 - Press Esc, enter :wq, and save and close the file.
- Run the following command to open the
/etc/ppp/chap-secretsconfiguration file:vim /etc/ppp/chap-secrets - Press i to switch to the editing mode and add the username and password for connecting to PPTP in the following format at the bottom of the file.
<Username> pptpd <Password> *root pptpd 123456 * - Press Esc, enter :wq, and save and close the file.
- Run the following command to start the PPTP service:
systemctl start pptpd - Run the following commands sequentially to enable forwarding:
echo 1 > /proc/sys/net/ipv4/ip_forward iptables -t nat -A POSTROUTING -o eth0 -s 192.168.0.0/24 -j MASQUERADE
Configuring PPTP on the CVM without a public IP address
- Log in to the CVM without a public IP address.
- Run the following command to install a PPTP client:
yum install -y pptp pptp-setup - Run the following command to create a configuration file:
pptpsetup --create <Configuration file name> --server <Private IP address of the CVM with a public IP address> --username <Username for connecting to PPTP> --password <Password for connecting to PPTP> --encryptpptpsetup --create test --server 10.100.100.1 --username root --password 123456 --encrypt - Run the following command to connect to PPTP:
pppd call test (the configuration file name created in step 3) - Run the following commands to set routes:
route add -net 10.0.0.0/8 dev eth0 route add -net 172.16.0.0/12 dev eth0 route add -net 192.168.0.0/16 dev eth0 route add -net 169.254.0.0/16 dev eth0 route add -net 9.0.0.0/8 dev eth0 route add -net 100.64.0.0/10 dev eth0 route add -net 0.0.0.0 dev ppp0
Checking whether the configuration was successful
Run the following command on the CVM without a public IP address to ping any external network address and check whether it can be pinged through:
ping -c 4 <External network address>If a result similar to the following is returned, the configuration was successful:
Was this page helpful?