This topic describes the limits and quotas of VPN gateways and how to request a quota increase.

Limits on instances

Item Limit Adjustable
Maximum number of VPN gateways that you can create with each Alibaba Cloud account 30
Note This quota is determined only by the number of Alibaba Cloud accounts and is irrelevant to regions or virtual private clouds (VPCs).
For example, for each Alibaba Cloud account:
  • You can create at most 30 VPN gateways for one VPC in one region.
  • You can create at most 30 VPN gateways for multiple VPCs in multiple regions.
submit a ticket or contact your business manager.
Maximum number of custom routes that point to a VPN gateway supported by a VPC 50
Maximum bandwidth supported by a VPN gateway 200 Mbps
Maximum number of routes supported by the BGP route table of a VPN gateway 50 submit a ticket or contact your business manager.

You can increase the quota to up to 200.

Maximum number of policy-based routes supported by each VPN gateway 20

You can navigate to the Quota Management page to request a quota increase. For more information, see Manage quotas.

Maximum number of destination-based route entries supported by each VPN gateway 20

Limits on customer gateways

Item Limit Adjustable
Maximum number of customer gateways that you can create in each region 100 N/A

Limits on IPsec-VPN connections

Item Limit Adjustable
Maximum number of IPsec-VPN connections that you can create on each VPN gateway 10 submit a ticket or contact your business manager.
Note If your VPN gateway was created before January 2021, we recommend that you upgrade the VPN gateway to the latest version before you apply for a quota increase. For more information, see Upgrade a VPN gateway.
Maximum number of local CIDR blocks that can be added to each IPsec-VPN connection 5 N/A
Maximum number of peer CIDR blocks that can be added to each IPsec-VPN connection 5

Limits on SSL-VPN connections

Item Limit Adjustable
Maximum number of SSL client certificates that you can create with each Alibaba Cloud account 50

You can navigate to the Quota Management page to request a quota increase. For more information, see Manage quotas.

Maximum number of SSL servers that can be associated with each VPN gateway 1 N/A
Maximum number of local CIDR blocks that can be added to each SSL server 5
Maximum number of peer CIDR blocks that can be added to each SSL server 1
Ports that are not supported by SSL servers 22, 2222, 22222, 9000, 9001, 9002, 7505, 80, 443, 53, 68, 123, 4510, 4560, 500, and 4500
Validity period of an SSL client certificate Three years