Hello,
Because of lots of VPN site-to-site configurations in the previous setup we decide to try and switch to the a Transit Gateway setup. Setup is pretty straightforward and have decreased the VPN site-to-site configuration in AWS and on the Cisco ASA we use. However I see some strange behavior when connecting to a vpc connected to the transit gateway. For some hosts in the subnet I'm able to SSH in and for some other I get timeout after timeout and after some retries is works for most of the hosts.
I think this is related to the transit gateway as it now actively uses both tunnels to route traffic. So I tried to disable the ECMP VPN feature but that somehow seemed to make it worse. So I'm looking at ways to improve it on the ASA site. Am I missing some magic in the BGP setup to make it work?
Any help would be appreciated
Greetz Leon
AWS OFFICIALAktualisiert vor 2 Jahren