VPN Gateway for Automation Cloud Robots now in Public Preview!

We’re thrilled to announce the Public Preview for our VPN Gateway for Automation Cloud Robots! Setting up a VPN Gateway will give your ACRs access your on-premise, firewall protected resources. This means that UiPath can now host your robots and run automations even if they require access to resources that only exist in your enterprise’s network, like intranets or databases.

Availability

The VPN Gateway for Automation Cloud Robots is now available on all Enterprise Trial, Pro and Enterprise accounts.

Getting Started

To set up the VPN Gateway, you must meet the following requirements:
  • Have the knowledge or assistance from your network administrator or someone who has a good understanding of VPN and networking concepts.
  • Be an organization administrator in Automation Cloud.
  • Have the new Admin experience enabled in Automation Cloud.
  • Have an Orchestrator role that includes the Machines - Edit permission.
  • Each tenant for which you want to create a VPN gateway must have at least 5000 robot units allocated to it.
  • Information from your network administrator:
    • A list of reserved IP address ranges located in your on-premises network configuration, in CIDR notation. As part of configuration, you need to specify the IP address range prefixes that we will route to your on-premises location.
      The subnets of your on-premises network must not overlap with the virtual network subnets to which you want to connect.
    • Use compatible VPN devices and have the ability and know-how to configure them, as described in About VPN devices for connections - Azure VPN Gateway.
    • Your VPN device must use externally-facing, public IPv4 addresses.
    • A pre-shared key (PSK) for each VPN device.

Creating a Gateway

If you'd like to create a VPN Gateway, you'll first need to enable the New Admin experience and allocate 5,000 RUs to the tenant where your ACRs will be running. Once allocated, a VPN Gateway can be created by navigating to a specific tenant and selecting the "VPN Gateway" tile.

You can then click “Create gateway” and give your gateway a name and specify the address space you’d like to use for the gateway (we recommend working with a network administrator to ensure this address space doesn’t overlap with your on-premise address ranges).


Once you create the gateway, it can take up to 45 minutes until it’s deployed and ready to be used.

Setting up ACRs

Once your gateway has been successfully deployed, you will now be able to connect your ACR - VM and Serverless Robots to the VPN Gateway by navigating to the templates. ACR - VM Pools can only be connected at the time of creation and once they are disconnected for a specific pool, they cannot be reconnected. Serverless Robots can be connected and disconnected at any time. You can visit our documentation for setting up both VM and Serverless Cloud Robot VPN Settings to learn more.

Creating a VPN Connection

Now that you've set up your ACRs to connect with the VPN Gateway, you can establish your connection with your on-premise network by selecting "Add Connection" for the gateway you've created. You can then configure the details for your connection, including:
  • A shared-key which should match the shared key for your VPN Device
  • The public IP for your VPN Device
  • Address space(s) for your on-premise device, which represent your on-premises network

Setting up your VPN Device

Your network administrator can now:
  1. Set up your VPN device from your on-premise network.
    The PSK must match the one specified for the connection created in step 3.
  2. Add the address spaces used to configure the VPN gateway and Vnets for cloud robot templates to the allow list of your network.

For a list of supported VPN devices and for RouteBased configuration instructions, see About VPN devices for connections - Azure VPN Gateway in the Microsoft documentation.

Want to learn more?

If you have any questions about how to set up the VPN Gateway, or want to find out more details, you can always refer to our documentation.

We value your feedback

Please share with us your first experience with the VPN Gateway and what it has empowered you to run. Our product team appreciates your feedback and will consider it in future product releases.

10 Likes

Hi @LisaBoneta I was looking at the documentation in regards creating VPN gateway connection, also looking at this UiPath article: https://docs.uipath.com/orchestrator/automation-cloud/latest/user-guide/configuring-vpn-for-cloud-robots

I states that it requires a /25 subnet, which only provides up to 126 usable addresses for cloud VMs, this seems rade a low address, what if we need to have 300 cloud vms, the /25 would not provide enough addresses, how do or can we address this issue?

/25 is for the VPN Gateway itself, the Pool subnets control the IPs of the VMs and that is a /22 - /27 range.