I think you're trying to add two CIDRs (the Ethernet and the wireless subnets) as the interesting traffic.
I'll answer your question on how to add that on the AWS side, but first: AWS VPN is a route-based VPN, hence it does not support multiple security associations (SAs).
If you're using a policy-based VPN and define several CIDRs, then you'll run into multiple-SA issues, which will cause intermittent connectivity. Refer to this knowledge article: https://repost.aws/knowledge-center/vpn-connection-instability
Q: How many IPsec security associations can be established concurrently per tunnel? https://aws.amazon.com/vpn/faqs/
A: The AWS VPN service is a route-based solution, so when using a route-based configuration you will not run into SA limitations. If, however, you are using a policy-based solution you will need to limit to a single SA, as the service is a route-based solution.
- Make sure you're using route-based VPN on the FortiGate.
- To let your WiFi network communicate over the VPN tunnels on the AWS side: by default the interesting traffic is 0.0.0.0/0, which means all traffic is allowed over the tunnels. See this on how to modify the interesting traffic: https://docs.aws.amazon.com/vpn/latest/s2svpn/modify-vpn-connection-options.html
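Added example, not part of the original answer: a small Python check that counts how many traffic-selector pairs (one IPsec SA pair each) a policy-based configuration would try to negotiate for a set of CIDRs, and reports the single covering network on each side. The subnet values are constructed, and collapsing to one supernet is an assumption about how to get down to a single SA; the function names are hypothetical.

```python
import ipaddress
from itertools import product

def _nets(cidrs):
    # strict=True rejects CIDRs with host bits set (e.g. 192.168.1.5/24)
    return [ipaddress.ip_network(c, strict=True) for c in cidrs]

def selector_pairs(local_cidrs, remote_cidrs):
    """Each (local, remote) pair is one traffic selector, i.e. one SA pair
    that a policy-based configuration would try to negotiate."""
    return list(product(_nets(local_cidrs), _nets(remote_cidrs)))

def covering_supernet(cidrs):
    """Smallest single network that contains every CIDR in the list."""
    nets = _nets(cidrs)
    if len({n.version for n in nets}) != 1:
        raise ValueError("cannot mix IPv4 and IPv6 in one selector")
    candidate = nets[0]
    while not all(n.subnet_of(candidate) for n in nets):
        candidate = candidate.supernet()  # widen the prefix by one bit
    return candidate

def extra_addresses(cidrs, supernet):
    """Addresses the supernet lets over the tunnel beyond the listed CIDRs."""
    wanted = ipaddress.collapse_addresses(_nets(cidrs))
    return supernet.num_addresses - sum(n.num_addresses for n in wanted)

def check(local_cidrs, remote_cidrs):
    pairs = selector_pairs(local_cidrs, remote_cidrs)
    local = covering_supernet(local_cidrs)
    remote = covering_supernet(remote_cidrs)
    return {
        "sa_pairs": len(pairs),
        "single_sa": len(pairs) == 1,
        "local_supernet": str(local),
        "remote_supernet": str(remote),
        # Non-zero means the wider selector also admits unlisted addresses,
        # so firewall policy on the tunnel interface has to restrict them.
        "extra_local": extra_addresses(local_cidrs, local),
        "extra_remote": extra_addresses(remote_cidrs, remote),
    }

if __name__ == "__main__":
    # Constructed sample: Ethernet and WiFi subnets on-premises, one VPC CIDR.
    print(check(["192.168.1.0/24", "192.168.2.0/24"], ["10.0.0.0/16"]))
```

A non-zero `extra_local` or `extra_remote` is the cost of the wider selector: filter those addresses with firewall policy on the tunnel interface.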
This is all great! The change I had to make was your very last bullet point. I had to do the following...
I appreciate the help here!