Durch die Nutzung von AWS re:Post stimmt du den AWS re:Post Nutzungsbedingungen
AWS re:Postre:Post

Site-to-Site VPN gateway with transit gateway

0

We have a Site-to-Site VPN (VPN Gateway) setup in a MAIN account in AWS. All connectivity in the VPC for that MAIN account and on-prem work fine. (both ways) The MAIN account using a shared TGW to the SECONDARY account. Connectivity between the MAIN and SECONDARY is fine (both ways) For the SECONDARY account to traverse through TGW to the MAIN account and then the VPN (On-prem), what routes would be needed? I have tried many routes for the TGW and the Route tables themselves, none work.

Will this even work? Or does the Site-to-Site VPN need to be associated to the TGW and not the MAIN VPC?

Themen
Vernetzung & Bereitstellung von Inhalten
Tags
AWS Transit GatewayAWS Virtuelles Privates Netzwerk (VPN)
Sprache
English
Daniel
gefragt vor 9 Monaten326 Aufrufe
1 Antwort
1
Akzeptierte Antwort

Transitive routing is not supported with VPC's

As you rightly speculated. The S2S VPN Has to terminate on the Transit gateway.

You cant have a S2S VPN terminate in the VPC Directly and they route from Secondary account via transit gateway to main account and then via the Local Virtual Private Gateway in the Main VPC.

https://docs.aws.amazon.com/whitepapers/latest/aws-vpc-connectivity-options/aws-transit-gateway-vpn.html

profile picture
EXPERTE
Gary Mclean
beantwortet vor 9 Monaten
profile picture
EXPERTE
Sedat Salman
überprüft vor 9 Monaten
profile pictureAWS
EXPERTE
secondabhi_aws
überprüft vor 9 Monaten
  • Daniel
    vor 9 Monaten

    Figured. Thank you

Du bist nicht angemeldet. Anmelden um eine Antwort zu veröffentlichen.

Eine gute Antwort beantwortet die Frage klar, gibt konstruktives Feedback und fördert die berufliche Weiterentwicklung des Fragenstellers.

Richtlinien für die Beantwortung von Fragen

Relevanter Inhalt