VPN Gateway is an Internet-based service that securely and reliably connects enterprise data centers, office networks, and Internet terminals to virtual private clouds (VPCs) of Alibaba Cloud through encrypted channels. This topic describes the common scenarios of VPN Gateway.

Connect a data center to a VPC

You can use IPsec-VPN to connect a data center to a VPC and build a hybrid cloud. For more information, see Connect a data center to a VPC.

Scenario 1 - Connect a data center to a VPC

Connect two VPCs

You can use IPsec-VPN to connect two VPCs. This way, cloud resources can be shared across the VPCs. For more information, see Establish IPsec-VPN connections between two VPCs.

Scenario 2 - Connect two VPCs

Connect a client to a VPC

You can use SSL-VPN to connect a client to a VPC. This way, your client can securely connect to a VPC over the Internet regardless of time and location to meet your telecommuting requirements.

You can initiate an SSL-VPN connection from clients that run Windows, Linux, macOS, iOS, or Android. For more information, see Connect a client to a VPC.

Scenario 3 - Connect a client to a VPC

Connect multiple office networks

You can use IPsec-VPN to connect multiple office networks to a VPN gateway, and use the hub-spoke network topology to allow communication between the office networks. For more information, see Configure hub-spoke connections.

Scenario 4 - Configure hub-spoke connections

Connect a client to an office network

You can use IPsec-VPN together with SSL-VPN to connect a client and an office network to a VPC. This way, the client and the office network can access the VPC, and the client and the office network can communicate with each other.

Scenario 5 - Use IPsec-VPN together with SSL-VPN