Connecting to Salesforce Express Connect
Salesforce Express Connect lets you access Salesforce applications and services directly with a private, dedicated connection. When you create a Salesforce Express Connect through the Megaport Portal:
- Express Connect is delivered as a Layer 3 routed service.
- You access Salesforce services using public IPs and are required to run BGP to receive Salesforce routes.
- Megaport allocates a /31 public IP range for each Salesforce peering.
Express Connect offers two IP addressing options:
- You can source NAT your LAN traffic to use the /31 public IP space
provided by Megaport.
- You can advertise your own public IP address space to Salesforce. (Salesforce will not accept RFC1918 routes.)
- Provisioning. One virtual cross-connect (VXC) provisions two logical connections to Salesforce using a Megaport Cloud Router (MCR). Salesforce has redundant routers which provide guaranteed uptime for both service locations.
- Timeframe. Salesforce can take up to two business days for approval once a VXC is deployed from the Portal.
- IP Addresses and ASN. Customers can use their own publicly registered IP space or Megaport will allocate a public /31 for the end user to peer directly with Salesforce. RFC 1918 private space is not allowed. Private and public ASNs are accepted.
- Internet Backup. Although Megaport always recommends two Megaports for redundancy, an Express Connect over Megaport can be used for the primary connection to Salesforce and if you use publicly routed IP space and the single Megaport fails, routing to Salesforce can revert to the public Internet.
This figure shows a common Express Connect deployment:
To create a connection to Salesforce Express Connect
- In the Megaport Portal,
go to the Services page and select the Megaport you want to use.
If you haven’t already created a Megaport, see Creating a Megaport.
Add a VXC connection for the port.
If this is the first connection for the port, click the Salesforce tile. The tile is a shortcut to the configuration page. Alternatively, click +Connection, click Cloud, and click Salesforce.
Select Salesforce.com as the provider.
Select your destination Port and click Next.
Specify these connection details:
Name your connection – The name of your VXC to be shown in the Megaport Portal.
Invoice Reference – This is an optional field. It can be any text, such as a PO number or billing reference number.
Rate Limit – This is the speed of your connection in Mbps. The rate limit can be any value between 1Mb and 5GB.
Preferred A-End VLAN – Optionally, specify a VLAN ID for this connection. This must be a unique VLAN ID on this port and can range from 2 to 4093. If you don’t specify a value, Megaport will assign one.
You can click to Untag this VXC to remove the VLAN tagging for this connection. The untagged option limits you to only one VXC deployed on this port.
Provide the connection details for the Salesforce service. Provide these values:
ASN – Enter a private or public ASN
BGP Password – Optionally, specify the BGP Auth Key.
Prefixes – Enter prefixes to announce to Salesforce — RIR assigned IPv4 address ranges only. If you do not have public IP ranges, you can source NAT to the /31s IP provided by Megaport. If you are going to use the /31s IP provided by Megaport, you can leave this field blank.
Note: RFC 1918 space is not permitted.
Once configured, you cannot add new prefixes to the VXC.
A summary page appears that includes the monthly cost. Click Back to make changes or click Add VXC to move this configuration to your cart. Once you have finished this configuration, you can configure additional VXCs or proceed through the checkout process.
After you complete the check out process, Salesforce can take up to two business days to approve the connection request. The VXC status will be Deployable until Salesforce accepts the connection.
When Salesforce accepts the request, two logical and redundant connections are created from Salesforce.
You can view and edit the details of your SEC connection by clicking the VXC and selecting Details.
Configure one BGP peering connection using the /31 IP addresses assigned by Megaport.
It is important to configure the IP address that has been assigned to you for the local interface as it has been automatically whitelisted on the SEC side. You will still be able to configure your own public prefixes for advertising across this link using the Megaport specific peering IP address.