<p>Different VPCs are separated and cannot access each other. To allow multiple VPCs of a tenant to connect with each other, or allow VPCs of different tenants to be connected, create express connects and configure security groups.</p> <p><strong>Background Information</strong></p> <p>Cloud resources in different VPCs are blocked in both inbound and outbound direction by default. It requires to configure the security group in both inbound and outbound direction for cross-VPC connection.</p> <p>The following example illustrates how to connect the DMZ of VPC-1 and SF network of VPC-2.</p> <p><strong>Prerequisites</strong></p> <p>Subnets are created in the DMZ of VPC-1 and SF of VPC-2.&nbsp;</p> <p>ECS instances are deployed in the subnet of the DMZ of VPC-1 and the subnet of SF of VPC-2.</p> <p><strong>Procedure</strong></p> <p>1.&nbsp;&nbsp;Create an express connect, select VPC-1 and VPC-2 as the VPC of local terminal and opposite terminal of the express connect, and select the subnet IP addresses of local terminal and opposite terminal that need to be connected. For more information, see <a href="https://www.pinganyun.com/ssr/help/network/high_speed/quick_start.5e0313ea73e37924ed41b6b9.5e0314103c102f24fddc7519" target="_blank">Quick Start</a> of the express connect.</p> <p><strong>Note: </strong>For cross-tenant interconnection, it requires to enter the verification code received on the phone of the tenant administrator to verify when configuring the express connect.</p> <p>2.&nbsp;&nbsp;Create Security Group 1 for the DMZ of VPC-1. For more information, see <a href="https://www.pinganyun.com/ssr/help/network/vpc/og.safety.csg" target="_blank">Create a Security Group</a>.</p> <p>3.&nbsp;&nbsp;Add the cloud host instance of the DMZ of VPC-1 to Security Group 1. For more information, see <a href="https://www.pinganyun.com/ssr/help/network/vpc/og.safety.misg.aisg" target="_blank">Bind an Instance to a Security Group</a>.</p> <p>4.&nbsp;&nbsp;Configure two items of security group rules for Security Group 1 and authorize the inbound and outbound direction access to the subnet IP address of SF network of VPC-2 respectively. For more information, see Create a Security Group Rule.</p> <p>5.&nbsp;&nbsp;Create Security Group 2 for the SF of VPC-2. For more information, see <a href="http://www.pinganyun.com/ssr/help/network/vpc/og.safety.csg" target="_blank">Create a Security Group</a>.</p> <p>6.&nbsp;&nbsp;Add the cloud host instance of the SF of VPC-2 to Security Group 2. For more information, see <a href="http://www.pinganyun.com/ssr/help/network/vpc/og.safety.misg.aisg" target="_blank"><span href="https://www.pinganyun.com/ssr/help/network/vpc/og.safety.misg.aisg" target="_blank">Bind an Instance to a Security Group</span></a>.</p> <p>7. Configure two items of security group rules for Security Group 2 and authorize the inbound and outbound direction access to the subnet IP address of the DMZ of VPC-1 respectively. For more information, see <a href="http://www.pinganyun.com/ssr/help/network/vpc/og.safety.csg" target="_blank">Create a Security Group Rule</a>.</p> <p>&nbsp;</p>