Scale Access to a VPC


In this guide, we'll use Firezone to scale your team's access to a VPC.

This is commonly used when you need fast, reliable access to your cloud computing resources which are located behind a cloud firewall.

After completing this guide, your team's traffic into the VPC will be load balanced across multiple Gateways for high availability.

Opening ports on your network firewall is not necessary or recommended. Firezone Gateways perform secure NAT traversal for you.


  • A Site reserved for this use case. Create a Site if you haven't already.
  • Two or more Gateways deployed within the Site. Deploy a Gateway if you haven't done so yet.

See our Terraform examples for examples on how to automate deploying multiple Gateways to various cloud providers.

Step 1: Create a Resource

  1. In your admin portal, go to Sites -> <site> and click the Add Resource button.
  2. Select CIDR as the Resource type.
  3. Enter the CIDR range of the VPC you want to secure access to. This should be a range of IPv4 or IPv6 addresses that's directly reachable from the Gateway(s) in your Site.
  4. Name the Resource something descriptive, like SJC demo net. You'll refer to this name when creating a Policy in the next step.
  5. Click Save.
Create a Resource

Step 2: Create a Policy

  1. In the Policies tab, click the Add Policy button.
  2. Select an appropriate Group and the the Resource you created in Step (1).
  3. Click Save.

Step 3: Done!

You should now be able to access hosts and services in the VPC you specified in Step (1).

Need additional help?

Try asking on one of our community-powered support channels:

Or try searching the docs:
Last updated: April 24, 2024