VPN Gateway is a network connection service that securely and reliably connects enterprise data centers, office networks, and Internet clients to virtual private clouds (VPCs) of Alibaba Cloud through encrypted and private channels.

Note To comply with national regulations and policies, Alibaba Cloud VPN Gateway does not provide Internet access services.
Overview - June, 2022

Features

Connection types of VPN Gateway

VPN Gateway allows you to establish IPsec-VPN and SSL-VPN connections. These connection types are ideal for different scenarios.

Connection type Description Scenario References
IPsec-VPN IPsec-VPN is a route-based network connection technology that provides flexible traffic routing methods and allows you to configure and maintain VPN policies with ease.
  • Allows you to connect enterprise data centers and office networks to VPCs.
  • Allows you to connect different VPCs.
Overview of IPsec-VPN connections
SSL-VPN SSL-VPN is a network connection technology based on OpenVPN. After you deploy the required resources, you need to only load an SSL client certificate to an Internet client and initiate a connection to a VPC. Allows you to connect Internet clients to VPCs. SSL-VPN overview

Types of VPN gateways

VPN gateways support different network types. VPN gateways of different network types establish encrypted channels by using different methods and meet different business requirements.
Type of VPN gateway Supported network type Supported connection type Method of establishing encrypted tunnels Scenario References
Standard VPN gateway Public
  • IPsec-VPN
  • SSL-VPN
 Encrypted tunnels are established over the Internet. Standard algorithms are used for encryption. This type is ideal for connecting enterprise data centers, office networks, or Internet clients to VPCs. Common scenarios
Private IPsec-VPN Encrypted tunnels are established based on private connections over Express Connect circuits. Standard algorithms are used for encryption. This type is ideal for encrypting private connections over Express Connect circuits between data centers or office networks and VPCs.

Benefits

  • Security

    VPN Gateway uses the IKE and IPsec protocols in data transmission to ensure data security.

  • Stability

    VPN Gateway adopts the hot-standby architecture to implement failover within a few seconds, session persistence, and zero service downtime.

  • Ease of use

    A VPN gateway is ready-to-use and its configurations immediately take effect. You can deploy VPN gateways in a fast manner.

  • Cost savings

    The encrypted and Internet-based connections provided by VPN Gateway are more cost-effective than Express Connect circuits.