This page describes advanced configuration details necessary for high-availability, high throughput, or multiple subnet VPN scenarios. The Overview describes the basic concepts of Cloud VPN.
Advanced settings and configurations
While many VPNs can be configured using only the steps outlined in the instructions for creating a VPN, the more advanced configurations listed above call for additional details.
Order of routes
It is possible to create a VPN tunnel that has the same IP range as another tunnel, a subset of the other tunnel's range, or a superset of the other tunnel's range.
For details, see Configuring VPN tunnels with Overlapping IP ranges.
Configuring IKE, including multiple subnet support
You can view detailed information about how Cloud VPN supports multiple IKE ciphers at Supported IKE Ciphers.
Redundancy, failover, and higher-throughput VPNs
You can provide VPN redundancy and failover for Cloud VPN by adding a second on-premises VPN gateway. You can also load balance gateways by using one of three options that can also increase VPN throughput.
See the Redundant VPNs document for details.
Maximum Transfer Unit (MTU) considerations
The Cloud VPN MTU size is 1460. See MTU Considerations for a description of how to configure your on-premises VPN gateway to support this MTU size, if required.
See the UDP and NAT-T section in the Cloud VPN Overview for information on how to configure your on-premises device to support NAT-T with Cloud VPN.