Connect remote sites using VPN to access on-prem via existing Direct Connect?

0

Hello, we currently have a Direct Connect Link with a private VIF connecting a few VPCs to our on-prem environment, and it is terminated at a Direct Connect Gateway. We are planning to build some VPN tunnels to connect a few remote sites to one "hub" VPC, so would it be possible for the remote sites to route traffic back to on-prem via the "hub" VPC? Thanks!

1 Answer
1
Accepted Answer

This is not supported. https://docs.aws.amazon.com/directconnect/latest/UserGuide/virtualgateways.html

The following traffic flows are not supported: ...Direct communication between the virtual interfaces that are attached to a single Direct Connect gateway and a VPN connection on a virtual private gateway that's associated with the same Direct Connect gateway.

For this type of communication, the recommended model is to use Transit Gateway (requires a Transit VIF) to route traffic between on-prem and remote VPN sites. https://aws.amazon.com/blogs/aws/new-use-an-aws-transit-gateway-to-simplify-your-network-architecture/

AWS
EXPERT
answered 2 years ago
EXPERT
reviewed a month ago
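
The Transit Gateway model recommended in the answer above, expressed as Terraform. This is an added example, not part of the original answer or AWS's own configuration. Every name, ASN, VLAN, CIDR and IP address in it is a constructed placeholder, and VPC attachments to the transit gateway are left out to keep the focus on the on-prem to remote-site path.

```hcl
# Added example: all names, ASNs, VLANs, CIDRs and IPs are constructed placeholders.
variable "dx_connection_id" { type = string } # existing Direct Connect connection

variable "remote_sites" { # site name => public IP of that site's VPN device
  type    = map(string)
  default = { site-a = "198.51.100.10", site-b = "203.0.113.20" }
}

resource "aws_ec2_transit_gateway" "hub" {
  description     = "Hub for on-prem (Direct Connect) and remote-site VPNs"
  amazon_side_asn = 64512
}

# Direct Connect gateway used for the transit VIF; its ASN differs from the TGW's.
resource "aws_dx_gateway" "transit" {
  name            = "dxgw-transit"
  amazon_side_asn = "64513"
}

# Transit VIF (instead of a private VIF) carries on-prem traffic to the DX gateway.
resource "aws_dx_transit_virtual_interface" "onprem" {
  connection_id  = var.dx_connection_id
  dx_gateway_id  = aws_dx_gateway.transit.id
  name           = "onprem-transit-vif"
  vlan           = 100
  address_family = "ipv4"
  bgp_asn        = 65000 # on-prem router ASN
}

# allowed_prefixes is what gets advertised to on-prem over Direct Connect, so
# list only the remote-site ranges that on-prem should be able to reach.
resource "aws_dx_gateway_association" "tgw" {
  dx_gateway_id         = aws_dx_gateway.transit.id
  associated_gateway_id = aws_ec2_transit_gateway.hub.id
  allowed_prefixes      = ["10.50.0.0/16", "10.51.0.0/16"]
}

resource "aws_customer_gateway" "site" {
  for_each   = var.remote_sites
  bgp_asn    = 65010
  ip_address = each.value
  type       = "ipsec.1"
}

# Each site VPN terminates on the transit gateway, not on a virtual private gateway.
resource "aws_vpn_connection" "site" {
  for_each            = var.remote_sites
  customer_gateway_id = aws_customer_gateway.site[each.key].id
  transit_gateway_id  = aws_ec2_transit_gateway.hub.id
  type                = "ipsec.1"
}
```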
