Scale Access to a VPC

In this guide, we'll use Firezone to scale your team's access to a VPC.

This is commonly used when you need fast, reliable access to your cloud computing resources which are located behind a cloud firewall.

After completing this guide, your team's traffic into the VPC will be load balanced across multiple Gateways for high availability.

Opening ports on your network firewall is not necessary or recommended. Firezone Gateways perform secure NAT traversal for you.

Prerequisites

  • A Site reserved for this use case. Create a Site if you haven't already.
  • Two or more Gateways deployed within the Site. Deploy a Gateway if you haven't done so yet.

See our Terraform examples to learn how to automate deployments to various cloud providers.

Step 1: Create a Resource

  1. In your admin portal, open Sites in the left sidebar, select your Site, open the Resources tab, and click Add a resource.
  2. Select CIDR as the Resource type.
  3. Enter the CIDR range of the VPC you want to secure access to. This should be a range of IPv4 or IPv6 addresses that's directly reachable from the Gateway(s) in your Site.
  4. Name the Resource something descriptive, like SJC demo net. You'll refer to this name when creating a Policy in the next step.
  5. Click Save.

Step 2: Create a Policy

  1. Back in the left sidebar, open Policies, then click New Policy.
  2. Select an appropriate Group and the Resource you created in Step (1).
  3. Click Save.

Step 3: Done!

You should now be able to access hosts and services in the VPC you specified in Step (1).


Need help? See all support options.

Found a problem with this page? Open an issue
Last updated: July 01, 2026