Posted in Alibaba Cloud, Alibaba Cloud Networking

Alibaba Cloud – VPN Gateway

   November 6, 2019
Alibaba Cloud – Virtual Private Cloud (VPC)

Alibaba Cloud VPC is a Virtual Private Network where you can create your own logically isolated network within the Alibaba Cloud. In simple terms, it’s your own private data center within the Alibaba Cloud where you can define your network topology, including IP Address Range, Network Segments and Routing, etc.

You can create multiple VPCs in the Alibaba Cloud for logical separations of Virtual Networks and connect each other with control.

When you have your VPC, VPCs in the Cloud there will be requirements to connect VPCs with your on-premises data centers or office networks. This is called a Hybrid Cloud environment. Using this can extend your on-premises data centers to the cloud and vice versa.

There are a few ways you can use to connect or extend your on-premises data centers to the Alibaba Cloud and VPN Gateway is one of them.

These technologies are,

  • Cloud Enterprise Network (CEN)
  • VPN Gateway
  • Express Connect

Alibaba Cloud – VPN Gateway

In this post we are going to discuss Alibaba’s VPN Gateway, using VPN Gateway you can interconnect your VPCs as well as on-premises data centers.

What is VPN Gateway?

VPN Gateway is an Internet-based service that you can connect your data centers securely. You can use VPN Gateway to connect enterprise office networks, data centers to Alibaba Cloud VPCs via encrypted channels. VPN Gateway supports both IPSec-VPN and SSL-VPN connections.

Alibaba VPN Gateway
VPN Gateway Advantages

High Security: You can use IKE and IPSec protocols to encrypt transmitted data to ensure data security and reliability. It supports both IKEv1 and IKEv2 protocols

High Availability: Using the active/standby hot backup architecture, VPN Gateway automatically failover to the standby within a few seconds

Low Cost: This Internet-based encrypted channel is the most core-effective way compared to the leased line (Express Connect) and Cloud Enterprise Network (CEN). And it’s Pay as You Go so you can terminate easily if you don’t need it anymore

Easy to use: VPN Gateway is an out-of-the-box configuration that takes effect immediately without waiting for other additional requirements

Alibaba Cloud – VPN Gateway – IPSec VPN

You can use VPN Gateway to create IPSec connection over IPSec VPN Tunnel to connect,

  • VPC to VPC
  • VPC to Local Data Centers or Officers

Using IPSec VPN you can connect Site to Site or Multi-Site IPSec Connections over IPSec VPN Tunnel

IPSec – Multi-Site Connections
Alibaba Cloud – VPN Gateway – SSL VPN

SSL VPN is where you use individual devices (Remote Clients) to connect to your Alibaba Cloud VPC. Remote Clients cloud be a Desktop PC, Laptops, Mobile Device, etc. It supports OpenVPN Client.

IPSec – SSL VPN Connections
Alibaba Cloud – VPN Gateway – Scenarios
  • A site to Site Connection (IPSec VPN)
A site to Site Connection (IPSec)
  • Multi-Site to Site Connection (IPSec VPN)
Multi-Site to Site Connection (IPSec)
  • VPC to VPC Connection (IPSec VPN)
VPC to VPC Connection
  • Point to Site Connection (SSL VPN)
Point to Site Connection (SSL VPN)
  • Site to Site and Point to Site Connection (IPSec and SSL VPN)
Site to Site and Point to Site Connection (IPSec and SSL VPN)