You can use IPsec-VPN to establish secure and reliable connections between data centers or office networks and virtual private clouds (VPCs) on Alibaba Cloud. You can associate IPsec-VPN connections with VPN gateways and transit routers. This topic describes the common scenarios in which IPsec-VPN connections are associated with VPN gateways.

Common scenarios of public VPN gateways

Connect a data center to a VPC

You can use IPsec-VPN to connect a data center to a VPC to build a hybrid cloud network. For more information, see Connect a data center to a VPC.

Connect a data center to a VPC

Connect a VPC to a VPC

You can use IPsec-VPN to connect two VPCs. This way, cloud resources can be shared across the VPCs. For more information, see Establish IPsec-VPN connections between two VPCs.

Connect a VPC to a VPC

Establish active/standby IPsec-VPN connections between a data center and a VPC to implement high availability

You can associate multiple IPsec-VPN connections with a VPN gateway. A data center can communicate with a VPC through active/standby IPsec-VPN connections. For more information, see Ensure high availability by establishing multiple IPsec-VPN connections.

Establish active/standby IPsec-VPN connections

Connect multiple office networks

You can use IPsec-VPN to connect multiple office networks to a VPN gateway, and use the hub-spoke network topology to enable private communication between the office networks. For more information, see Configure hub-spoke connections.

Configure hub-spoke connections

Common scenarios of private VPN gateways

Encrypt private connections over Express Connect circuits

You can use IPsec-VPN to encrypt a private connection over an Express Connect circuit between a data center and a VPC. This ensures network security. For more information, see Encrypt a private connection by using a private VPN gateway.

Common scenarios of private VPN gateways