This topic describes the release notes for VPN Gateway and provides links to the relevant references.
June 2023
Feature | Category | Description | References |
Dual-tunnel IPsec-VPN connections | Optimization | Dual-tunnel IPsec-VPN connections are supported. In this mode, each IPsec-VPN connection has one active tunnel and one standby tunnel in different zones. When the active tunnel is down, the standby tunnel takes over. This implements high availability. |
February 2023
Feature | Category | Description | References |
Troubleshooting | New | You can view the logs of IPsec-VPN connections and SSL-VPN connections, and error codes of IPsec-VPN connections in the VPN Gateway console. After you activate Network Intelligence Service (NIS) for VPN Gateway, you can troubleshoot VPN Gateway issues by using features such as VPN gateway diagnostics and reachability analyzer. You can troubleshoot VPN gateway issues on the Troubleshooting page in the Virtual Private Cloud (VPC) console. | |
Reachability analyzer | New | VPN Gateway works with Network Intelligence Service (NIS) and supports the reachability analyzer feature. You can use reachability analyzer to check the connectivity between the resources that are connected over a VPN gateway. |
January 2023
Feature | Category | Description | References |
IPsec-VPN connection error codes | New | You can view the error codes of IPsec-VPN connections. You can troubleshoot an IPsec-VPN connection issue based on the error code and log data of the IPsec-VPN connection displayed in the VPN Gateway console. | |
VPN gateway diagnostics | New | VPN gateway works with NIS. You can use NIS to diagnose VPN gateways and obtain solutions. You can use this feature to troubleshoot IPsec negotiation issues, route configuration issues, and VPN gateway status issues. | |
SSL-VPN connection logs | Optimization | You can query the logs of an SSL server within the last 180 days. The maximum duration of each log that you can query is 10 minutes. |
December 2022
Feature | Category | Description | References |
Connection information about an SSL client | New | You can view the connection information about an SSL client in the console after you connect the client to Alibaba Cloud through an SSL-VPN connection. | |
Priority | Optimization | You can specify a priority for a policy-based route. Policy-based routes are matched against traffic in descending order of route priority. A smaller priority value indicates a higher priority. The VPN gateway forwards traffic based on the matched route. |
November 2022
Feature | Change type | Description | References |
Maximum bandwidth supported by a VPN gateway | Optimization | VPN gateways in multiple regions support 1,000 Mbit/s bandwidth. |
August 2022
Feature | Type | Description | References |
A transit router can be associated with an IPsec-VPN connection. | New feature | After a transit router is associated with an IPsec-VPN connection, a data center can connect to the virtual private cloud (VPC). In addition, the high availability of the IPsec-VPN connection can be implemented by using equal-cost multi-path routing (ECMP). |
April 2022
Feature | Type | Description | References |
Private VPN gateways | New | Private VPN gateways are available. You can use private VPN gateways to encrypt connections over Express Connect circuits. This improves network security. |
August 2021
Feature | Type | Description | References |
VPN gateway upgrades | New | Compared with the earlier versions of VPN Gateway, the latest version supports more features, such as BGP dynamic routing and dead peer detection (DPD). You can upgrade your VPN gateway to the latest version to use the new features. |
June 2020
Feature | Type | Description | References |
BGP dynamic routing | New | BGP dynamic routing is supported. VPN gateways can use BGP dynamic routing to automatically learn and advertise routes for communication. |
March 2020
Feature | Type | Description | References |
Two-factor authentication for SSL-VPN | New | Alibaba Cloud Identity as a Service (IDaaS) is supported by SSL-VPN connections. IDaaS provides a variety of methods to authenticate SSL clients. |
April 2019
Feature | Type | Description | References |
Route-based IPsec-VPN | Optimized | Policy-based IPsec-VPN is replaced by route-based IPsec-VPN, which provides more flexible traffic routing methods. |