Site-to-Site VPN for Cloud Router

Site-to-Site VPN allows you to connect branch locations, on-premises users, and remote data centers to the PacketFabric Cloud Router quickly and easily.

For example, you can connect branch office locations to one or more cloud providers, connect a remote data center to a public cloud provider, or connect multiple cloud service providers in different regions to multiple branch sites.

Any environment that can support an IPsec tunnel can use PacketFabric Cloud Router Site-to-Site VPN.

VPN illustration


Private and secure branch site connectivity to cloud
Connect all your branch and remote sites directly to major public cloud providers, alternative cloud providers, private cloud, or other private resources in colocation.
Improved performance and cost savings
Unlike connecting directly to your cloud environment via VPN, Site-to-Site VPN allows you to get up and running immediately with the cloud providers’ native private connectivity solutions, with a large cost saving on egress data. In addition to savings, private cloud connectivity provides the lowest latency path with the most consistent performance.
Accelerate SaaS applications
Connect branch users to the lowest latency path to SaaS providers for the most responsive user experience.
No special hardware or software requirements
Cloud Router Site-to-Site VPN is compatible with a wide range of routing equipment and VPN appliances that can create an IPsec tunnel.

How it works

The PacketFabric Cloud Router Site-to-Site VPN uses an IPsec tunnel into a PacketFabric Cloud Router. The Cloud Router can then be connected to any number of public cloud providers, colocation facilities, SaaS providers, and other branch sites:

Cloud Router Site-to-Site VPN provides fully automated layer 3 connectivity between any customer site with VPN capability and cloud providers. BGP sessions are automatically configured between PacketFabric and the cloud providers of your choice. All you need to do is add routing information into the PacketFabric portal and the cloud provider’s console or your on-prem equipment.

VPN illustration


Currently available in the following markets, with more to be added: ATL, CHI, DAL, DEN, LAX, LON, MIA, NYC, SEA, SFO, WDC


Maximum bandwidth is 2G for a VPN connection.


The Cloud Router Site-to-Site VPN does not require a physical connection or special hardware to work; it only requires a VPN-capable device at the branch site.


Cloud Router Site-to-Site VPN works with most IPsec capable devices. We’ve tested with many major platforms to ensure cross-platform support as well as backward compatibility, and have a full implementation that includes modern strong encryption technologies such as elliptical curve. We also support older methods, so you don’t have to make expensive equipment upgrades.

Compatible hardware (verified):

Cisco ASA 9.8.1+
Cisco IOS
Juniper Netscreen
Juniper SRX
Palo Alto Networks NGFW 8.0.0+

What if I don’t see my device on the list?

It’s likely that we support a much broader range of VPN hardware and software than those that have been verified, as long as the device follows IPsec standards. If you have any questions about support for your device, we will be happy to help you test it. Contact to speak with one of our solutions experts.

Supported configuration options

See VPN Configuration.