This topic describes the limits on using VPN gateways. Before you use a VPN gateway, note the following limits.
Instance limits
Item | Limit | Adjustable |
---|---|---|
Number of VPN gateways that can be created for each account | 30
Note The maximum number of VPN gateways that can be created is determined by the account,
regardless of the region where the VPN gateways are deployed or the VPC networks to
which the VPN gateways belong.
For example, for each account:
|
Go to the Quota Management page and request a quota increase. For more information, see Manage quotas. |
Number of policy-based routes that can be created for each VPN gateway | 20 | |
Number of destination-based routes that can be created for each VPN gateway | 20 |
Customer gateways
Item | Limit | Adjustable |
---|---|---|
Number of customer gateways that can be created in a region | 100 | N/A |
IPsec-VPN connections
Item | Limit | Adjustable |
---|---|---|
Number of IPsec-VPN connections that can be created for each VPN gateway | 10 |
Go to the Quota Management page and request a quota increase. For more information, see Manage quotas. |
Maximum bandwidth that each IPsec-VPN connection supports | 200M
Note If the maximum bandwidth of a VPN gateway is higher than 200 Mbit/s, you can create
multiple IPsec-VPN connections to make full use of the bandwidth of the VPN gateway.
For more information, see How to make full use of VPN Gateway bandwidth.
|
N/A |
Number of source CIDR blocks that can be added to each IPsec-VPN connection | 5 | |
Number of destination CIDR blocks that can be added to each IPsec-VPN connection | 5 |
SSL-VPN connections
Item | Limit | Adjustable |
---|---|---|
Number of SSL client certificates that each account can reserve | 50 |
Go to the Quota Management page and request a quota increase. For more information, see Manage quotas. |
Number of SSL servers that can be associated with each VPN gateway | 1 | N/A |
Number of source CIDR blocks that can be added to each SSL server | 5 | |
Number of destination CIDR blocks that can be added to each SSL server | 1 | |
Ports that are not supported by SSL servers | 22, 2222, 22222, 9000, 9001, 9002, 7505, 80, 443, 53, 68, 123, 4510, 4560, 500, and 4500 | |
Validity period of an SSL client certificate | Three years |