Connect to VPCs - VPC network connections| Alibaba Cloud Documentation Center

This topic describes how to connect to virtual private clouds (VPCs) by using Cloud Enterprise Network (CEN) or VPN Gateway.

CEN

You can use CEN to establish private network connections between VPC networks. CEN uses automatic route distribution and learning to speed up network convergence. This allows you to improve the quality and security of cross-network communication. For more information, see Cloud Enterprise Network.

You can use a CEN instance to connect two VPCs under the same account or different accounts. The following table describes the scenarios.


Scenario	Method
Same-account VPC-to-VPC connection	Connect two VPCs in the same region under the same account
Same-account VPC-to-VPC connection	Connect two VPCs in different regions under the same account
Cross-account VPC-to-VPC connection	Connect two VPCs in the same region under different accounts
Cross-account VPC-to-VPC connection	Connect two VPCs in different regions under different accounts

CEN has the following benefits:

Worldwide connection
CEN is an enterprise-class network in which Alibaba Cloud network resources are interconnected around the world. CEN can also connect on-premises data centers that are already connected to the Alibaba Cloud network. CEN validates the IP address ranges of the connected networks and avoids duplicate IP addresses. A CEN uses controllers to automatically learn and distribute routes among multiple nodes to achieve fast route convergence on a global scale.
Low latency and high speed
CEN provides low-latency and high-speed network transmission. The maximum transmission rate between two local sites can match the port rate of the gateway devices deployed near the local sites. The network latency of global communication through CEN is much lower than network communication over the Internet.
Nearest access and shortest path transmission
CEN deploys access points and nodes in more than 60 regions in the world to support nearest access to Alibaba Cloud. This reduces the response latency and packet loss caused by data transmission over the Internet.
Link redundancy and disaster recovery
CEN provides at least four redundant links between two access points. This ensures high availability and network redundancy. If a link fails, CEN ensures that your workloads run as normal without network jitter or interruption.
Systematic management
CEN is provided with systematic network monitoring capabilities. CEN automatically detects route conflicts that are caused by system changes to ensure network stability.

VPN Gateway

VPN Gateway is an Internet-based networking service that supports route-based IPsec-VPN connections. You can use IPsec-VPN connections to ensure secure and reliable communication between VPCs. For more information, see Establish IPsec-VPN connections between two VPCs.

VPN Gateway offers the following benefits:

Security
Uses the IKE and IPsec protocols in data transmission to guarantee data security.
High availability
The hot-standby architecture enables VPN Gateway to support failover in seconds and ensure session persistence and zero service downtime.
Low cost
Establishes encrypted Internet connections, which are more cost-efficient than leased lines.
Easy to use
VPN gateways are ready for use after they are activated. Configurations immediately take effect.