En utilisant AWS re:Post, vous acceptez les AWS re:Post Conditions d’utilisation
AWS re:Postre:Post

VPN-IPSEC-Site_to_Site

0

Dear All: I have an IPSEC site-to-site VPN from AWS to my on-premises, it is operational. It is created towards a customer gateway of one of my suppliers.

              Here is where the problem lies:
              I generate another VPN (Backup) with another customer gateway (Internet Provider) and when creating the static route in the Gateway Route table it gives me the following error: There was an error creating your static route , notifying me that the route I want to add already It exists, which is correct, it exists because said route is attached to the Main VPN Tunnel, now I want to attach the same destination but with the Contingency VPN attachment and I cannot do it.

Can someone help me please.

thank you..

Sujets
Réseaux et diffusion de contenu
Balises
Réseaux et diffusion de contenu
Langue
English
rePost-User-2423523
demandé il y a 2 mois381 vues
1 réponse
0

You can't have static routes for the same remote CIDR to 2 different destinations (VPN gateways) in the same route table. The recommended approach here would be to have both the primary and secondary VPN tunnels use dynamic routing via BGP. You can use BGP settings like local preference and AS PATH prepending to determine the primary tunnel/path. If the primary tunnel goes down, the BGP routes for it will go away making the backup VPN tunnel the active route.

https://docs.aws.amazon.com/vpn/latest/s2svpn/vpn-redundant-connection.html

AWS
Jason
répondu il y a 2 mois
profile picture
EXPERT
Giovanni Lauria
vérifié il y a 2 mois

Vous n'êtes pas connecté. Se connecter pour publier une réponse.

Une bonne réponse répond clairement à la question, contient des commentaires constructifs et encourage le développement professionnel de la personne qui pose la question.

Instructions pour répondre aux questions

Contenus pertinents