Parameter | Description |
Instance Name | The name of the VPN gateway. |
Resource Group Select the resource group to which the cluster belongs. You can use resource groups to manage resources within your Alibaba Cloud account by category and group. You can manage permissions, deploy resources, and monitor resources based on groups without the need to separately process each resource. Default Resource Group | The resource group to which the VPN gateway belongs. If you leave this parameter empty, the VPN gateway belongs to the default resource group. You can manage the resource group to which the VPN gateway belongs and resource groups to which other cloud resources belong in the Resource Management console. For more information, see What is Resource Management? |
Region | The region in which you want to create the VPN gateway. Make sure that the VPN gateway and the VPC with which you want to associate the VPN gateway reside in the same region. |
Gateway Type | The type of VPN gateway that you want to create. Default value: Standard. |
Network Type | The network type of the VPN gateway. Valid values: |
Tunnels | The tunnel mode of the VPN gateway. The system displays the tunnel modes that are supported in this region. Valid values: For more information about the tunnel mode, see [Upgrade notice] IPsec-VPN connections support the dual-tunnel mode. |
VPC | The VPC with which you want to associate the VPN gateway. |
vSwitch | The vSwitch with which you want to associate the VPN gateway. Select a vSwitch from the selected VPC. If you select Single-tunnel, you need to specify only one vSwitch. If you select Dual-tunnel, you need to specify two vSwitches. After the IPsec-VPN feature is enabled, the system creates an elastic network interface (ENI) for each of the two vSwitches as an interface to communicate with the VPC over an IPsec-VPN connection. Each ENI occupies one IP address in the vSwitch.
Note The system selects a vSwitch by default. You can change or use the default vSwitch. After a VPN gateway is created, you cannot modify the vSwitch associated with the VPN gateway. You can view the vSwitch associated with the VPN gateway, the zone to which the vSwitch belongs, and the ENI in the vSwitch on the details page of the VPN gateway.
|
vSwitch 2 | The other vSwitch with which you want to associate the VPN gateway in the associated VPC if you select Dual-tunnel. Specify two vSwitches in different zones in the associated VPC to implement disaster recovery across zones for IPsec-VPN connections. For a region that supports only one zone, disaster recovery across zones is not supported. We recommend that you specify two vSwitches in the zone to implement high availability of IPsec-VPN connections. You can also select the same vSwitch as the first one.
Regions that support only one zone
China (Nanjing - Local Region), Thailand (Bangkok), South Korea (Seoul), Philippines (Manila), and UAE (Dubai)
|
Peak Bandwidth | The maximum bandwidth of the VPN gateway. Unit: Mbit/s. |
Traffic | The metering method of the VPN gateway. Default value: Pay-by-data-transfer. |
IPsec-VPN | Specifies whether to enable the IPsec-VPN feature for the VPN gateway. Default value: Enable. You must enable this feature if you want to establish an IPsec-VPN connection. |
SSL-VPN | Specifies whether to enable the SSL-VPN feature for the VPN gateway. Default value: Disable. You do not need to enable this feature for the VPN gateway to establish an IPsec-VPN connection. |
Billing Cycle | The billing cycle of the VPN gateway. Default value: By Hour. |
Service-linked Role | Click Create Service-linked Role and the system automatically creates the service-linked role AliyunServiceRoleForVpn. VPN Gateway assumes this role to access other cloud resources. For more information, see AliyunServiceRoleForVpn. If Created is displayed, the service-linked role is created and you do not need to create it again. |
Elastic Compute Service (ECS)
Container Compute Service (ACS)
