Connect two VPCs - VPC network connections| Alibaba Cloud Documentation Center

Connect two VPCs

Edit in Github

Last Updated: Aug 20, 2019 Edit in Github

This topic describes the methods that you can use to connect two VPCs. You can use a CEN or a VPN Gateway to connect two VPCs.

Cloud Enterprise Network

A Cloud Enterprise Network (CEN) is a solution that helps you establish private channels between VPCs. With automatic route distribution and learning, a CEN can improve network convergence, quality, and security to support mutual access among global resources. For more information, see What is Cloud Enterprise Network?

You can use a CEN to connect two VPCs under the same account or different accounts. The following table describes the scenarios.


Scenario	Method
Connect two VPCs under the same account	Connect two VPCs in the same region under the same account
Connect two VPCs under the same account	Connect two VPCs in different regions under the same account
Connect two VPCs under different accounts	Connect two VPCs in the same region under different accounts
Connect two VPCs under different accounts	Connect two VPCs in different regions under different accounts

The benefits of CENs are as follows:

Global access
A CEN is an enterprise-class network that can connect Alibaba Cloud resources around the world and the resources that have access to Alibaba Cloud. CENs validate the IP address ranges of the connected networks to ensure that these IP address ranges do not conflict with each other. Moreover, CENs automatically forward and learn multi-node routes through controllers to rapidly converge global routes.
Low latency and high speed
CENs provide low-latency and high-speed network transmission. The maximum local access rate can reach the port forwarding rate of the gateway device. In global network communication, the latency of CENs is much shorter than that of the Internet.
Nearest access and shortest path
CENs deploy multiple access points and forwarding points in more than 60 regions around the world to support nearest access to Alibaba Cloud.
Link redundancy and disaster recovery
CENs features high availability and network redundancy by providing at least four redundant links between any two access points. If a link fails, your services can still operate normally without network jitter or disruptions.
Systematic management
CENs have systematic network monitoring capabilities that automatically detect route conflicts caused by system changes and guarantee network stability.

VPN Gateway

A VPN Gateway is an Internet-based networking solution that supports route-based IPsec-VPN connections. You can use IPsec-VPN connections to connect different VPCs securely and reliably. For more information, see Establish a connection between two VPCs.

The benefits of VPN Gateways are as follows:

High security
The IKE and IPsec protocols are used to encrypt transmission data to guarantee data security.
High availability
With hot backup, VPN Gateways automatically switch to the failover mode within seconds to ensure session continuity and service availability.
Low cost
The Internet-based encrypted channels established by VPN Gateways are more cost-effective than leased lines.
Easy configuration
VPN Gateways are ready for use after being activated. All configurations take effect in real time.