Document Center

All Products

Document Center

VPN Gateway:Limits

Last Updated:Jul 02, 2024

This topic describes the limits on the usage and performance of SSL-VPN connections. This topic also describes how to request a quota increase.

Limits on VPN gateways

Item	Limit	Adjustable
Maximum number of VPN gateways that you can create within each Alibaba Cloud account	30 Note This quota is determined only by the number of Alibaba Cloud accounts and is irrelevant to regions or virtual private clouds (VPCs). For example, for each Alibaba Cloud account: You can create up to 30 VPN gateways for one VPC in one region. You can create up to a total of 30 VPN gateways for multiple VPCs in multiple regions.	You can use one of the following methods to increase the quota: Go to the Quota Management page and request a quota increase. For more information, see Manage SSL-VPN quotas. Go to the Quota Center console and request a quota increase. For more information, see Manage SSL-VPN quotas.
Maximum bandwidth supported by a VPN gateway	1,000 Mbit/s Note The maximum bandwidth supported by VPN gateways in some regions is 500 Mbit/s. For more information about the regions, see the Limits section of the "Create and manage a VPN gateway" topic.	No
Maximum number of packets that can be transmitted by a VPN gateway per second	120,000 (256 bytes per packet)	No
Maximum number of connections supported by a VPN gateway	200,000 Note A network 5-tuple uniquely identifies a connection. A 5-tuple consists of a source IP address, a destination IP address, a source port number, a destination port number, and the protocol in use. The connections can be established by using the TCP, UDP, and Internet Control Message Protocol (ICMP) protocols.	No

Limits on SSL-VPN connections

Item	Limit	Adjustable
Maximum number of SSL client certificates that you can create with each Alibaba Cloud account	50	You can use one of the following methods to increase the quota: Go to the Quota Management page and request a quota increase. For more information, see Manage SSL-VPN quotas. Go to the Quota Center console and request a quota increase. For more information, see Manage SSL-VPN quotas.
Maximum number of SSL servers that can be associated with each VPN gateway	1	No
Maximum number of local CIDR blocks that can be added to each SSL server	5
Maximum number of peer CIDR blocks that can be added to each SSL server	1
Maximum number of clients supported by each VPN gateway	1,000
Ports that are not supported by SSL servers	22, 2222, 22222, 9000, 9001, 9002, 7505, 80, 443, 53, 68, 123, 4510, 4560, 500, and 4500
Validity period of an SSL client certificate	Three years

Limits on IPsec servers

Item	Limit	Adjustable
Maximum number of IPsec servers that you can create on each VPN gateway	1	No
Maximum number of clients supported by each IPsec server	50	No