VPN Gateway is an Internet-based service that securely and reliably connects enterprise data centers, office networks, and Internet terminals to Alibaba Cloud VPCs through encrypted channels. VPN Gateway provides both IPsec-VPN connection and SSL-VPN connection.

Note Alibaba Cloud VPN Gateway does not support access to the Internet. The use of VPN Gateway is subject to local laws and policies.


VPN Gateway provides the following features:
  • IPsec-VPN

    IPsec-VPN provides site-to-site VPN connection. You can use IPsec-VPN to connect a VPC to an on-premises data center or interconnect two VPCs. IPsec-VPN supports the IKEv1 protocol and IKEv2 protocol. Therefore, any devices that support these two protocols can connect to Alibaba Cloud VPN Gateway, including devices from Huawei, H3C, Hillstone, Sangfor, Cisco ASA, Juniper, SonicWall, Nokia, IBM, and Ixia.

    For more information, see Configure a site-to-site connection and Configure a VPC-to-VPC connection.


    You can create an SSL-VPN connection to connect a remote client to applications deployed in a VPC. When the deployment is complete, you only need to load a certificate in the client to initiate the connection.

    For more information, see Linux client remote access, Window client remote access, and Mac client remote access.


VPN Gateway offers the following benefits:

  • High security: You can use the IKE and IPsec protocols to encrypt data to ensure data security and reliability.

  • High availability: With active/standby hot backup, VPN Gateway automatically switches over to failover mode within seconds to ensure session continuity and service availability.

  • Low cost: The encrypted Internet-based channel of VPN Gateway is more cost-effective than a leased line.

  • Easy to use: VPN Gateway is ready for use after you purchase it, with no additional configurations required.