This topic describes how to create a customer gateway. You can use a customer gateway to establish an IPsec-VPN connection between a virtual private cloud (VPC) and a data center or between two VPCs. After you create a customer gateway, you can update the information about a gateway device in the data center to Alibaba Cloud. Then, you can connect the customer gateway to a VPN gateway. A customer gateway can connect to multiple VPN gateways.


  1. Log on to the VPN Gateway console.
  2. In the left-side navigation pane, choose Interconnections > VPN > Customer Gateways.
  3. In the top navigation bar, select the region where you want to create the customer gateway.
    Note Make sure that the customer gateway and the VPN gateway to be connected are deployed in the same region.
  4. On the Customer Gateways page, click Create Customer Gateway.
  5. On the Create Customer Gateway page, set the following parameters and click OK.
    Parameter Description

    Enter a name for the customer gateway.

    IP Address Enter the static public IP address of the gateway device in the data center.
    ASN Enter the autonomous system number (ASN) of the gateway device in the data center. Valid values: 1 to 4294967295.

    You can enter the ASN in two segments and separate the first 16 bits from the following 16 bits with a period (.). Enter the number in each segment in the decimal format.

    For example, if you enter 123.456, the ASN is: 123 × 65536 + 456 = 8061384.

    • This parameter is required when the VPN gateway has dynamic BGP routing enabled.
    • We recommend that you use a private ASN to establish a connection with Alibaba Cloud over BGP. Refer to the relevant documentation for the private ASN range.

    Enter a description for the customer gateway.

    You can click Add below the Description field to create multiple customer gateways at a time.