Before you can establish a VPN connection, you must first create a VPN gateway. This topic describes how to create, modify, and delete a VPN gateway.

Create a VPN gateway

  1. Log on to the VPN Gateway console.
  2. On the VPN Gateways page, click Create VPN Gateway.
  3. On the buy page, set the following parameters, click Buy Now, and then complete the payment.
    Parameter Description
    Name Enter a name for the VPN gateway.

    The name must be 2 to 100 characters in length, and can contain digits, underscores (_), and hyphens (-). It must start with a letter.

    Region Select the region where you want to deploy the VPN gateway.

    Make sure that the VPN gateway and the virtual private cloud (VPC) with which you want to associate the VPN gateway are deployed in the same region.

    VPC Select the VPC with which you want to associate the VPN gateway.
    Specify VSwitch Select whether you want to associate the VPN gateway with a specified vSwitch.
    • No: does not associate the VPN gateway with a specified vSwitch. If you select No, the VPN gateway is associated with a random vSwitch of the VPC.
    • Yes: associates the VPN gateway with a specified vSwitch. If you select Yes, the VPN gateway is associated with the specified vSwitch of the VPC.
    Maximum Bandwidth Specify a maximum bandwidth value for the VPN gateway. Unit: Mbit/s.
    Traffic Select a metering method for the VPN gateway. Default value: Pay-by-data-transfer.
    IPsec-VPN Specify whether to enable IPsec-VPN. Default value: Enable.

    You can use the IPsec-VPN feature to establish a secure connection between a data center and a VPC or between two VPCs.

    SSL-VPN

    Specify whether to enable SSL-VPN. Default value: Disable.

    SSL-VPN allows you to establish secure connections between clients and servers without the need to configure customer gateways. For example, you can establish SSL-VPN connections between Linux clients and VPCs.

    SSL Connections Select the maximum number of concurrent SSL-VPN connections that the VPN gateway supports.
    Note This parameter is valid only after you enable SSL-VPN.
    Duration

    Specify the billing cycle. Default value: By Hour.

    Service-linked Role Click Create Service-linked Role and the system automatically creates the service-linked role AliyunServiceRoleForVpn.

    For more information about how a VPN gateway assumes the role to access other cloud resources, see AliyunServiceRoleForVpn.

    If Created is displayed, it indicates that the service-linked role is created and you do not need to create it again.

Modify the name and description of a VPN gateway

  1. Log on to the VPN Gateway console.
  2. In the top navigation bar, select the region of the VPN gateway.
  3. On the VPN Gateways page, find the VPN gateway that you want to manage.
    • In the Instance ID/Name column, click Edit. In the dialog box that appears, enter a new name and click OK.

      The name must be 2 to 100 characters in length, and can contain digits, underscores (_), and hyphens (-). It must start with a letter.

    • Click Edit in the Description column. In the dialog box that appears, enter a new description and click OK.

      The description must be 2 to 100 characters in length, and can contain digits, underscores (_), and hyphens (-). It must start with a letter.

Delete a VPN gateway

Before you delete a VPN gateway, make sure that no IPsec-VPN connection, SSL server, or IPsec server exists on the VPN gateway. For more information, see the following topics:
  1. Log on to the VPN Gateway console.
  2. In the top navigation bar, select the region of the VPN gateway.
  3. On the VPN Gateways page, find the VPN gateway that you want to delete and click Delete in the Actions column.
  4. In the Delete VPN Gateway message, click OK.

References