1. Does VPN Gateway support the classic network?

Not supported. VPN Gateway supports only the VPC network. If you want to use VPN Gateway in the classic network, you must enable the ClassicLink function in VPC. For more information, see Use IPsec-VPN in the classic network.

2. What are the prerequisites for a local site to access VPC through the IPsec-VPN function?

A static public IP and a gateway device supporting IKEv1 and IKEv2 are required. The CIDR block of the VPC and the CIDR block of the local site do not conflict with each other. For more information, see Configure a site-to-site connection.

3. Can VPCs in different regions use VPN Gateway to achieve intercommunication?

Yes. For more information, see Configure a VPC-to-VPC connection.

4. Which local gateways does VPN Gateway support?

IPsec connections support IKEv1 and IKEv2 protocols. Therefore, any device that supports these two protocols can connect to Alibaba Cloud VPN Gateway. These devices include those from Huawei, H3C, Cisco, ASN, Juniper, SonicWall, Nokia, IBM, and Ixia. For more information, see Configure H3C firewall

5. Does VPN Gateway support SSL-VPN?

Yes. For more information, see Tutorial overview.

6. How many IPsec connections can be created for each VPN Gateway?

Each VPN Gateway can support up to 10 IPsec connections. If you want more IPsec connections, create more VPN Gateways.

7. Can I use VPN Gateway to access the Internet?

No, it cannot. VPN Gateway only provides intranet access to VPCs. It does not provide access to the Internet.

8. Does the traffic between two VPCs connected by VPN Gateway go through the Internet?

No. Cross-region VPC intercommunication is achieved through VPN, and the traffic passes through Alibaba Cloud network instead of the Internet.

9. Can I configure multiple remote networks in one IPsec connection?

Yes. You can separate the networks by commas. We recommend that you use the IKEv2 protocol.

10. Can I downgrade the VPN Gateway configuration?

Yes. You can submit a ticket to downgrade the configuration.

11. Can a VPN Gateway instance purchased before the launching of the SSL-VPN function use this function?

You cannot directly enable the SSL-VPN function on a VPN Gateway instance purchased before the launching of this function. You and must open a ticket if you want to enable the SSL-VPN function in this situation.