Gateway

Launch a gateway

Click Gateway at navigation panel. Click New to launch a gateway. To launch a gateway with OpenVPN capability, refer to this link.

Select Gateway Size

When selecting the Gateway Size, note the following the guidelines of IPSEC performance based on tests conducted between two gateways of the same size:

  • t2 series throughput is not guaranteed; it can burst up to 130mbps.
  • m3 series are in the range 300 - 500mbps
  • m4.xlarge or c4.xlarge: approximately 500mbps
  • c3.2xlarge or m4.2xlarge: approximately 1Gbps
  • c3.4xlarge: approximately 1.2Gbps

if you need IPSEC performance beyond 1.2Gbps, refer to Cluster Peering.

Security Policy

You can configure L4 stateful security policies on each gateway. To configure, click Gateway tab, click to select the gateway of interest. Click Edit.

Note at the Destination field, you can enter network, IP address or host name. When using host name, the IP address of the host name will be resolved when programming the security policy. Host name is not suitable if it is a public web site, such as www.google.com. To filter on public host names, refer to FQDN Whitelists.

High Availability

There are two types of high availabiity on Aviatrix: “Gateway for High Avalability” and “Gateway for High Availability Peering”.

“Gateway for High Avalability Peering” is used for “Enable HA” field at Encrypted Peering configuration.

“Gateway for High Avalability” is used when you need HA for a Transitive Peering.

Gateway Size

You can change Gateway Size if need to change gateway throughput. The gateway will restart with a different instance size.