Advanced Configurations

This page describes advanced configuration details necessary for high-availability, high throughput, or multiple subnet VPN scenarios. The Overview describes the basic concepts of Cloud VPN.

Advanced settings and configurations

While the VPN types described in Choosing a VPN Routing Option can be configured using only the steps outlined in the set-up instructions, the more advanced configurations listed above call for additional details.

Order of routes

It is possible to create a VPN tunnel that has the same IP range as another tunnel, a subset of the other tunnel's range, or a superset of the other tunnel's range.

For details, see Configuring VPN tunnels with Overlapping IP ranges.

Configuring IKE, including multiple subnet support

You can view detailed information about how Cloud VPN supports multiple IKE ciphers at Supported IKE Ciphers.

You can view detailed information about how Cloud VPN supports multiple IP ranges in each traffic selector when using IKEv2 at Multiple IP ranges in Networks and Tunnel Routing.

Redundancy, failover, and higher-throughput VPNs

You can provide VPN redundancy and failover for Cloud VPN by adding a second on-premises VPN gateway. You can also load balance gateways by using one of three options that can also increase VPN throughput.

See the Redundant VPNs document for details.

Maximum Transfer Unit (MTU) considerations

The Cloud VPN MTU size is 1460. See MTU Considerations for a description of how to configure your on-premises VPN gateway to support this MTU size, if required.

UDP encapsulation

See the UDP and NAT-T section in the Cloud VPN Overview for information on how to configure your on-premises device to support NAT-T with Cloud VPN.

What's next?

Was this page helpful? Let us know how we did:

Send feedback about...