×
Community Blog Virtual Private Network (VPN) Gateway: Connection Between a VPC and On-premise Data Center

Virtual Private Network (VPN) Gateway: Connection Between a VPC and On-premise Data Center

VPN Gateway is an Internet-based service that establishes a connection between a VPC and your on-premise data center.

Virtual Private Network (VPN) Gateway Overview

Virtual Private Network (VPN) Gateway is an Internet-based service that securely and reliably connects enterprise data centers, office networks, or Internet-facing terminals to Alibaba Cloud Virtual Private Cloud (VPC) networks through encrypted connections. VPN Gateway supports both IPsec-VPN connection and SSL-VPN connection.

IPsec-VPN

The route-based IPsec-VPN facilitates the configuration and maintenance of VPN policies and provides flexible traffic routing methods.

You can use IPsec-VPN to connect an on-premises data center to a VPC network or connect two VPC networks. IPsec-VPN supports IKEv1 and IKEv2 protocols. Any devices that support these two protocols can connect to Alibaba Cloud VPN Gateway, such as devices manufactured by Huawei, H3C, Hillstone, Sangfor, Cisco ASA, Juniper, SonicWall, Nokia, IBM, and Ixia.

SSL-VPN

SSL-VPN is implemented based on the OpenVPN framework. You can create an SSL-VPN connection to connect a remote client to applications and services deployed in a VPC network. After the deployment is complete, you only need to import the certificate to the client to initiate the connection.

The Benefits of Virtual Private Network (VPN) Gateway

VPN Gateway offers the following benefits:

  • High security: You can use the IKE and IPsec protocols to encrypt data to ensure secure and reliable data transmission.
  • High availability: VPN Gateway adopts the hot-standby architecture to achieve failover of less than several seconds, session persistence, and zero service downtime.
  • Low cost: The encrypted Internet-based channel of VPN Gateway is more cost-effective than a leased line.
  • Ease of use: VPN Gateway is a ready-to-use service that requires no additional configuration.

The Scenarios of Virtual Private Network (VPN) Gateway

Virtual Private Network (VPN) Gateway is an Internet-based service that securely and reliably connects enterprise data centers, office networks, and Internet terminals to Alibaba Cloud VPCs through encrypted channels. VPN Gateways provides flexible configurations to meet the demands of different scenarios.

Connect a VPC to an on-premises data center

You can connect an on-premises data center to a VPC to build a hybrid cloud through the following two ways:
The route-based IPsec-VPN not only facilitates the configuration and maintenance of VPN policies but also provides flexible traffic routing methods.

Note: To establish a VPN connection between a VPC and an on-premises data center, the IP address ranges of the on-premises data center and the VPC cannot conflict with each other, and a static public IP address must be configured for the gateway device of the on-premises data center.
VPN_Gateway_1

Interconnect two VPCs

You can rapidly interconnect two VPCs through IPsec-VPN.
The route-based IPsec-VPN not only facilitates the configuration and maintenance of VPN policies but also provides flexible traffic routing methods.

Not: The IP address ranges of the VPCs cannot conflict with each other.
VPN_Gateway_2

Connect a remote client to a VPC

You can connect a client to a VPC through an SSL-VPN tunnel to meet the needs of remote working. With SSL-VPN connections, you can securely access a VPC through the Internet at any time, anywhere.

SSL-VPN connections support remote access from clients running Windows, Linux, Mac, IOS, or Android operating systems.

Note: The IP address ranges of the clients cannot conflict with the IP address range of the VSwitch in the VPC.
VPN_Gateway_3

Hub Spoke connection

You can establish secure communications among multiple sites by using the Hub Spoke function to interconnect the sites through the VPN Gateway of the VPC. Hub Spoke can meet the needs of large enterprises to establish intranet communication between office sites.
VPN_Gateway_4

Use IPsec-VPN and SSL-VPN together

You can use IPsec-VPN and SSL-VPN connections together to expand your network topology. Once the connections are established, the client can access the applications deployed in the connected VPC, and can also access the applications deployed in the connected office sites.

Note: All private IP address ranges to be connected cannot conflict with one another.
VPN_Gateway_5

Related Product

Alibaba Cloud VPN Gateway

VPN Gateway is used to transmit encrypted traffic between Alibaba Cloud VPCs and enterprise data centers, enterprise office networks, or Internet platforms over the Internet. You can use this service to establish reliable and secure connections for data transmission. According to China’s regulations and laws, Alibaba Cloud VPN Gateway cannot be used as an Internet access service.

Related Learning Course

Alibaba Cloud VPN Gateway – Live Demo

Alibaba Cloud VPN is an important security and management product. VPN is an Internet-based service that securely and reliably connects enterprise data centers, enterprise office networks, or Internet terminals to Alibaba Cloud VPCs through encrypted channels. VPN Gateway supports both IPsec-VPN connection and SSL-VPN connection.

Related Blog

Networking with Alibaba Cloud VPN Gateway and FlexGW

Alibaba Cloud VPN Gateway provides services by the relevant VPN national policies and regulations.

0 0 0
Share on

Alibaba Clouder

2,425 posts | 548 followers

You may also like

Alibaba Clouder

2,425 posts | 548 followers

Related Products

  • VPN Gateway

    VPN Gateway is an Internet-based service that establishes a connection between a VPC and your on-premise data center.

    Learn More
  • Alibaba Cloud PrivateZone

    Alibaba Cloud DNS PrivateZone is a Virtual Private Cloud-based (VPC) domain name system (DNS) service for Alibaba Cloud users.

    Learn More
  • VPC

    A virtual private cloud service that provides an isolated cloud network to operate resources in a secure environment.

    Learn More
  • Apsara Stack

    Apsara Stack is a full-stack cloud solution created by Alibaba Cloud for medium- and large-size enterprise-class customers.

    Learn More