Launch a gateway¶
Click Gateway at navigation panel. Click New to launch a gateway. To launch a gateway with OpenVPN capability, refer to this link.
Select Gateway Size¶
When selecting the Gateway Size, note the following the guidelines of IPSEC performance based on tests conducted between two gateways of the same size:
- t2 series throughput is not guaranteed; it can burst up to 130mbps.
- m3 series are in the range 300 - 500mbps
- m4.xlarge or c4.xlarge: approximately 500mbps
- c3.2xlarge or m4.2xlarge: approximately 1Gbps
- c3.4xlarge: approximately 1.2Gbps
if you need IPSEC performance beyond 1.2Gbps, refer to Cluster Peering.
You can configure L4 stateful security policies on each gateway. To configure, click Gateway tab, click to select the gateway of interest. Click Edit.
Note at the Destination field, you can enter network, IP address or host name. When using host name, the IP address of the host name will be resolved when programming the security policy. Host name is not suitable if it is a public web site, such as www.google.com. To filter on public host names, refer to FQDN Whitelists.
There are two types of high availabiity on Aviatrix: “Gateway for High Avalability” and “Gateway for High Availability Peering”.
“Gateway for High Avalability Peering” is used for “Enable HA” field at Encrypted Peering configuration.
“Gateway for High Avalability” is used when you need HA for a Transitive Peering.
You can change Gateway Size if need to change gateway throughput. The gateway will restart with a different instance size.