Soracom Gate
Overview
Soracom Gate is a network connectivity service that establishes a LAN environment for your Soracom Air for Cellular devices.
Gate provides extended networking functionality for Virtual Private Gateways that enables device-to-device access within the VPG, as well as remote device access across a VXLAN connection from your private network to the VPG.
Functionality
At a high level Gate enables two types of networking functionality.
Device to Device Access
With the default Virtual Private Gateway settings, Soracom Air for Cellular devices that are attached to a VPG are able to access Soracom services (such as Soracom Beam, Funnel, Funk, and Harvest), Internet services (if the VPG Internet Gateway option is enabled), and even private network or cloud services (when combined with Soracom Canal, Direct, or Door). However, devices within the same VPG are not able to communicate with each other by default, for security.
By enabling Gate for a VPG, devices attached to the same VPG will be able to communicate with each other using their respective cellular connections, as though they are attached to the same LAN, simply by using the IP addresses assigned to each device by the VPG.
This enables applications where devices require the ability to communicate information with each other, rather than only directly with a server.
Remote Device Access
A VPG with Gate enabled can also be used to provide remote device access from within your private network. When creating a VPG, two Gate Peers are created (each in different AWS Availability Zones) which handle various networking workloads associated with the VPG. By creating a corresponding Gate Peer within your private network, you can establish a VXLAN connection from your network back to the VPG. Once your network is configured to route VPG-bound traffic using your corresponding Gate Peer, you can similarly access Soracom Air for Cellular devices directly as though they are connected to your private network, simply by using the IP addresses assigned to each device by the VPG.
By enabling remote device access, you can easily connect directly to a device to perform maintenance tasks or download device data.
Soracom also provides a Privacy separator option that will reverse the device-to-device visibility behavior when enabling Gate, for applications where you require the remote device access capability, but without exposing devices to each other within the VPG.
Compatibility
- Device to device access is available for Type-C, Type-E, Type-F, Type-F2, and Type-G VPGs.
- Remote device access is only available for Type-C, Type-F, and Type-G VPGs.
- Type-F2 VPG enables you to access devices remotely without utilizing Gate.