Learn about the CoreWeave Site-to-Site VPN Server.
In cases where infrastructure is hosted across different Cloud platforms or on a mix of on-premise infrastructure and Cloud platform infrastructure, but both need to be able to communicate with one another, Site-to-Site VPNs are leveraged for networking across platforms.
On CoreWeave Cloud, Site-to-Site VPNs are provided by instantiating a Virtual VPN in a Layer 2 VPC (L2VPC). Each workload that requires access to the Site-to-Site VPN should be placed in the VPC in addition to the regular CoreWeave network.
CoreWeave provides guides for setup and usage both on CoreWeave Cloud as well as other Cloud platforms and firewalls.
Configurations must be completed for both sides of the Site-to-Site VPN.
Learn more in our Cloud-specific endpoint configuration examples:
The IPSec VPN that CoreWeave uses has been benchmarked to over 4Gbps (with proposalaes128gcm16-sha256-modp2048). Most enterprise on-premise firewalls and Cloud firewalls on other Cloud providers are rarely rated over 1Gbps of IPSec performance!
Basic IPSec VPN usage
After initial installation, VPN status and troubleshooting can be conducting by accessing the VPN Gateway directly.
To get the current status of your VPN tunnel, you will need to SSH into the VPN server on its VPC IP, or attach to the console.
sudo ipsec statusall
Display information about your tunnel(s).
sudo ipsec restart
Restart the IPSec service.
Updating VPN configuration
After changes have been made to your VPN configuration via the CoreWeave Cloud UI, the VPN server must be restarted for the new configuration to take effect.
virtctl restart vpn02
To troubleshoot your connection, first issue sudo ipsec status.