What's new
VPN Gateway introduces the Enhanced VPN Gateway, a new IPsec-VPN gateway type. Compared to the Classic VPN Gateway, it provides the following improvements:
-
Feature updates
-
An Enhanced VPN Gateway supports multiple algorithms per IPsec-VPN connection, including two new encryption algorithms (AES128-GCM16 and AES256-GCM16) and 10 new DH groups from 15 to 24.
-
Each IPsec-VPN connection on an Enhanced VPN Gateway is automatically assigned a unique tunnel IP address and includes 1 Gbps of dedicated bandwidth by default.
-
In Protected Data Flows mode, you can configure up to 10 local CIDR blocks and 10 remote CIDR blocks for each IPsec-VPN connection.
-
The Enhanced VPN Gateway no longer supports policy-based routing, and instead supports only destination-based and dynamic routing.
-
-
Billing updates
Billing for the Enhanced VPN Gateway includes only the IPsec-VPN connection fee and the CDT traffic fee. For pricing details, see VPN Gateway billing.
Limitations
-
You cannot upgrade an existing Classic VPN Gateway to an Enhanced VPN Gateway. Instead, you must create a new one.
-
This release applies only to IPsec-VPN. The Enhanced VPN Gateway does not support SSL-VPN. If you need SSL-VPN for client access to cloud resources, continue using a Classic VPN Gateway.
-
The Enhanced VPN Gateway does not currently support Chinese cryptographic algorithms. If you require these algorithms, continue to use a Classic VPN Gateway for IPsec-VPN.
-
This feature is in invitational preview. During the preview period, the IPsec-VPN connection fee is waived. To request access, contact an Alibaba Cloud engineer to have the service enabled.
Available regions
-
Currently available in: Malaysia (Kuala Lumpur), UK (London), China (Chengdu), US (Virginia), US (Silicon Valley), China (Hong Kong), and Singapore.
-
This list will be updated as more regions become available.
Get started
For more information, see Comparison of Enhanced and Classic VPN Gateways.