
Virtual Private Cloud

Overview


Virtual Private Cloud (VPC) is a technology that allows you to create your own virtual network within Unity Solutions, isolating your cloud servers on their own private network.



Single-tiered Application



In this use case, all cloud servers are deployed into the VPC with their own external IP addresses, with the router providing internet access. We recommend this configuration if you want to run a simple, public-facing web application on a small number of servers.


This scenario includes:


  • A VPC with a CIDR block of 10.240.0.0/16

  • A cloud server with an external IP address (43.229.60.15), enabling internet access

  • A virtual router with a default routing table


When multiple servers are deployed in the VPC, the internal IP addresses are used for secure communication between the servers.


 

Multi-tiered Application



In this use case, the application is divided into two or more tiers: an internet-accessible public tier (e.g., web servers) and a private tier accessible only within the VPC (e.g., database servers). We recommend this configuration for public web applications where you want to provide additional protection to your backend datastore.


This scenario includes:


  • A VPC with a CIDR block of 10.240.0.0/16

  • A web server with a private IP address (10.240.0.4) and an external IP address (43.229.60.15) forwarded by the router, enabling internet access

  • A database server with a private IP address (10.240.0.5) and no external IP address, making it accessible only within the VPC

  • A route table configured to pass internet traffic (0.0.0.0/0) to the web server, giving the database server outgoing internet access


The web server is configured to provide NAT for the database server, or in a larger deployment, a dedicated NAT server may be used.


 

Multi-tiered Application with VPN



This use case enhances a multi-tiered application by adding a VPN connection to your company network. The backend tier is directly accessible from your own network and can optionally connect to your in-house servers. We recommend this configuration for migrating your existing web applications to the cloud.


This scenario includes:


  • A VPC with a CIDR block of 10.240.0.0/16

  • A web server with a private IP address (10.240.0.4) and an external IP address (43.229.60.15)

  • A database server with a private IP address (10.240.0.6) and no external IP address

  • A VPN server with a private IP address (10.240.0.5) and an external IP address (43.229.60.16), serving as the remote VPN endpoint

  • Your own VPN gateway, acting as the local VPN endpoint, providing access for your company network (192.168.1.0/24)


The route table is configured to send outgoing internet traffic (0.0.0.0/0) through the web server and your company network traffic (192.168.1.0/24) through the VPN server. The web server is set up to provide NAT for the database server, or in larger deployments, a dedicated NAT server may be used.
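To see how these routes resolve for a given destination, the following added example (not Unity Solutions' own code) models the scenario's route table with longest-prefix matching and checks the tier design. The "local" route for the VPC CIDR, the private=("db",) tier label and the destination addresses are assumptions made for illustration.

```python
import ipaddress

# Constructed model of the "Multi-tiered Application with VPN" scenario.
# The "local" route for the VPC CIDR is an assumption; the page lists only
# the 0.0.0.0/0 and 192.168.1.0/24 routes.
ROUTES = [
    ("10.240.0.0/16", "local"),
    ("0.0.0.0/0", "10.240.0.4"),       # web server providing NAT
    ("192.168.1.0/24", "10.240.0.5"),  # VPN server
]

# Server inventory from the scenario; external_ip None means private tier.
SERVERS = {
    "web": {"private_ip": "10.240.0.4", "external_ip": "43.229.60.15"},
    "db":  {"private_ip": "10.240.0.6", "external_ip": None},
    "vpn": {"private_ip": "10.240.0.5", "external_ip": "43.229.60.16"},
}

def next_hop(dst, routes=ROUTES):
    """Return the next hop for dst using longest-prefix match, or None."""
    addr = ipaddress.ip_address(dst)
    matches = [(ipaddress.ip_network(cidr), hop) for cidr, hop in routes
               if addr in ipaddress.ip_network(cidr)]
    if not matches:
        return None
    return max(matches, key=lambda m: m[0].prefixlen)[1]

def audit(servers=SERVERS, routes=ROUTES, vpc="10.240.0.0/16", private=("db",)):
    """Return findings where the inventory or routes break the tier design."""
    findings = []
    vpc_net = ipaddress.ip_network(vpc)
    members = {s["private_ip"] for s in servers.values()}
    for name, s in servers.items():
        if ipaddress.ip_address(s["private_ip"]) not in vpc_net:
            findings.append(f"{name}: private IP outside VPC CIDR")
        if name in private and s["external_ip"]:
            findings.append(f"{name}: private-tier server has an external IP")
    for cidr, hop in routes:
        if hop != "local" and hop not in members:
            findings.append(f"route {cidr}: next hop {hop} is not a known server")
    return findings

if __name__ == "__main__":
    # 203.0.113.10 is a documentation address standing in for an internet host.
    for dst in ("10.240.0.4", "192.168.1.20", "203.0.113.10"):
        print(dst, "->", next_hop(dst))
    print(audit() or "no findings")
```

Because the most specific prefix wins, company-network traffic goes to the VPN server even though 0.0.0.0/0 also matches it, and an empty audit result means the database server is reachable only from inside the VPC or over the VPN.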


 

Private Application with VPN



This use case establishes a private network accessible only via a VPN connection to your company network. The servers are not accessible from the internet, and outgoing internet access is provided through your company network. We recommend this configuration for migrating your in-house applications to the cloud.


This scenario includes:


  • A VPC with a CIDR block of 10.240.0.0/16

  • A cloud server with a private IP address (10.240.0.6) and no external IP address

  • A VPN server with a private IP address (10.240.0.5) and an external IP address (43.229.60.15), serving as the remote VPN endpoint

  • Your own VPN gateway, acting as the local VPN endpoint, providing access for your company network (192.168.1.0/24)


The route table is configured to send all traffic (0.0.0.0/0) to your company network via the VPN server. The private server has no outgoing internet access other than through your company network, allowing you to leverage the security controls already in place for your existing in-house deployment.
