This topic describes the limits on using VPN gateways. Before you use a VPN gateway, note the following limits.
|Number of VPN gateways that can be created for each account||30
Note The maximum number of VPN gateways that can be created is determined by the account, regardless of the region where the VPN gateways are deployed or the VPC networks to which the VPN gateways belong.
For example, for each account:
|Number of policy-based routes that can be created for each VPN gateway||20|
|Number of destination-based routes that can be created for each VPN gateway||20|
|Number of customer gateways that can be created in a region||100||N/A|
|Number of IPsec-VPN connections that can be created for each VPN gateway||10|
|Maximum bandwidth that each IPsec-VPN connection supports||200M
Note If the maximum bandwidth of a VPN gateway is higher than 200 Mbit/s, you can create multiple IPsec-VPN connections to make full use of the bandwidth of the VPN gateway. For more information, see How to make full use of VPN Gateway bandwidth.
|Number of source CIDR blocks that can be added to each IPsec-VPN connection||5|
|Number of destination CIDR blocks that can be added to each IPsec-VPN connection||5|
|Number of SSL client certificates that each account can reserve||50|
|Number of SSL servers that can be associated with each VPN gateway||1||N/A|
|Number of source CIDR blocks that can be added to each SSL server||5|
|Number of destination CIDR blocks that can be added to each SSL server||1|
|Ports that are not supported by SSL servers||22, 2222, 22222, 9000, 9001, 9002, 7505, 80, 443, 53, 68, 123, 4510, 4560, 500, and 4500|
|Validity period of an SSL client certificate||Three years|