All Products
Search
Document Center

Cloud Config:Using multi-zone VPN Gateway

Last Updated:Jun 17, 2026

Evaluates whether a VPN Gateway has two vSwitches configured across zones to ensure cross-zone high availability. A VPN Gateway with two vSwitches configured is considered compliant.

Scenarios

By configuring two vSwitches in multiple zones for a VPN Gateway, an enterprise achieves cross-zone high availability, ensuring stable and secure remote connections even if one zone fails. This configuration is considered compliant.

Risk level

Default risk level: high.

You can change the risk level as needed.

Detection logic

Checks whether two vSwitches are configured for the VPN Gateway to ensure cross-zone high availability. A VPN Gateway with two vSwitches configured is considered compliant.

Rule details

Parameter

Description

Rule name

Using multi-zone VPN Gateway

Rule identifier

vpn-gateway-multi-zone

Automatic remediation

Not supported

Rule trigger

Configuration change

Supported resource types

ACS::VPN::VpnGateway

Input parameters

None

Remediation guidance

For more information, see Create and manage VPN Gateway instances.