Route all traffic from on-premise network to AWS VPC via IPSec site-to-site


I'm going to build my whole datacenter on a private subnet in an AWS VPC (LDAP, RADIUS, database, etc.).
I want all traffic from the on-premise network to go to the AWS VPC, then to the Internet.
Now I can successfully connect to my EC2 database server in the private subnet via the IPsec site-to-site connection, but I cannot connect to the Internet.
The Internet traffic is already forwarded by the customer gateway.
Any idea, help or suggestion about the infrastructure is really appreciated!

AdamVu
asked 5 years ago, 746 views
1 Answer

Hi,
You will not be able to access the Internet based on the diagram you provided, because transitive peering is not supported:
https://docs.aws.amazon.com/vpc/latest/peering/invalid-peering-configurations.html#edge-to-edge-vgw

However, it appears that you can re-architect your system to use the Transit Gateway, which will allow you to route on-premise Internet traffic through your AWS site-to-site VPN:
https://www.reddit.com/r/aws/comments/a67t6g/transit_gateway/
https://docs.aws.amazon.com/vpc/latest/tgw/tgw-vpn-attachments.html

Hope this helps,
-randy

EXPERT
answered 5 years ago
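To make the Transit Gateway re-architecture from the answer concrete, the following Terraform configuration is an added example (it is not from the original post or from AWS documentation). It terminates the site-to-site VPN on a Transit Gateway instead of a virtual private gateway, installs a default route on the TGW that points at the VPC attachment, and lets the VPC's subnet route tables hand the traffic to a NAT gateway. All CIDRs, IPs, subnet and route-table IDs are assumed placeholders; the VPC, its subnets, the public route table's existing 0.0.0.0/0 route to an Internet gateway, and the on-prem router's 0.0.0.0/0 route into the tunnel are assumed to already exist.

```hcl
# Added example, not code from the original post. Assumed placeholder values throughout.
variable "onprem_cidr"        { default = "10.0.0.0/16" }          # assumed on-prem LAN
variable "cgw_public_ip"      { default = "203.0.113.10" }         # assumed customer gateway (TEST-NET-3)
variable "vpc_id"             { default = "vpc-0123456789abcdef0" } # assumed existing VPC
variable "private_subnet_ids" { default = ["subnet-0aaa", "subnet-0bbb"] } # assumed private subnets
variable "public_subnet_id"   { default = "subnet-0ccc" }           # assumed public subnet (NAT gateway lives here)
variable "private_rt_id"      { default = "rtb-0private" }          # assumed private subnet route table
variable "public_rt_id"       { default = "rtb-0public" }           # assumed public subnet route table (has 0.0.0.0/0 -> IGW)

# Hub: default association/propagation disabled so every route below is explicit.
resource "aws_ec2_transit_gateway" "hub" {
  description                     = "hub for on-prem VPN and VPC"
  amazon_side_asn                 = 64512
  default_route_table_association = "disable"
  default_route_table_propagation = "disable"
}

resource "aws_ec2_transit_gateway_vpc_attachment" "vpc" {
  transit_gateway_id                              = aws_ec2_transit_gateway.hub.id
  vpc_id                                          = var.vpc_id
  subnet_ids                                      = var.private_subnet_ids
  transit_gateway_default_route_table_association = false
  transit_gateway_default_route_table_propagation = false
}

resource "aws_customer_gateway" "onprem" {
  bgp_asn    = 65000
  ip_address = var.cgw_public_ip
  type       = "ipsec.1"
}

# The VPN terminates on the TGW, not on a VGW. That is the change that makes
# VPN -> VPC -> NAT gateway -> Internet a supported path (the VGW edge-to-edge
# case from the answer's first link is what the original design was hitting).
resource "aws_vpn_connection" "onprem" {
  customer_gateway_id = aws_customer_gateway.onprem.id
  transit_gateway_id  = aws_ec2_transit_gateway.hub.id
  type                = "ipsec.1"
  static_routes_only  = true
}

resource "aws_ec2_transit_gateway_route_table" "hub" {
  transit_gateway_id = aws_ec2_transit_gateway.hub.id
}

resource "aws_ec2_transit_gateway_route_table_association" "vpc" {
  transit_gateway_attachment_id  = aws_ec2_transit_gateway_vpc_attachment.vpc.id
  transit_gateway_route_table_id = aws_ec2_transit_gateway_route_table.hub.id
}

resource "aws_ec2_transit_gateway_route_table_association" "vpn" {
  transit_gateway_attachment_id  = aws_vpn_connection.onprem.transit_gateway_attachment_id
  transit_gateway_route_table_id = aws_ec2_transit_gateway_route_table.hub.id
}

# TGW default route -> VPC attachment: anything arriving over the VPN that is not
# the on-prem prefix is delivered into the VPC, whose subnet route tables send it on
# to the NAT gateway. The VPC's own CIDR is covered by this route as well.
resource "aws_ec2_transit_gateway_route" "default_to_vpc" {
  destination_cidr_block         = "0.0.0.0/0"
  transit_gateway_attachment_id  = aws_ec2_transit_gateway_vpc_attachment.vpc.id
  transit_gateway_route_table_id = aws_ec2_transit_gateway_route_table.hub.id
}

# Return path: the on-prem prefix (more specific than 0.0.0.0/0) goes back over the VPN.
resource "aws_ec2_transit_gateway_route" "onprem" {
  destination_cidr_block         = var.onprem_cidr
  transit_gateway_attachment_id  = aws_vpn_connection.onprem.transit_gateway_attachment_id
  transit_gateway_route_table_id = aws_ec2_transit_gateway_route_table.hub.id
}

# Egress point for the whole on-prem site.
resource "aws_eip" "nat" { domain = "vpc" }

resource "aws_nat_gateway" "egress" {
  allocation_id = aws_eip.nat.id
  subnet_id     = var.public_subnet_id
}

# Private subnets (where the TGW ENIs sit): Internet via NAT, on-prem via TGW.
resource "aws_route" "private_default" {
  route_table_id         = var.private_rt_id
  destination_cidr_block = "0.0.0.0/0"
  nat_gateway_id         = aws_nat_gateway.egress.id
}

resource "aws_route" "private_onprem" {
  route_table_id         = var.private_rt_id
  destination_cidr_block = var.onprem_cidr
  transit_gateway_id     = aws_ec2_transit_gateway.hub.id
}

# The NAT gateway's public subnet needs the way back to on-prem too; without this
# route the replies leaving the NAT gateway toward 10.0.0.0/16 have no next hop.
resource "aws_route" "public_onprem" {
  route_table_id         = var.public_rt_id
  destination_cidr_block = var.onprem_cidr
  transit_gateway_id     = aws_ec2_transit_gateway.hub.id
}
```

The two routes that are easiest to forget are the public-subnet route back to the on-prem CIDR and the TGW default route toward the VPC attachment: with either missing, the database in the private subnet still reaches on-prem (the symptom in the question), but on-prem Internet traffic silently dies inside AWS. The on-prem router's configuration does not change from the question's setup; it keeps sending 0.0.0.0/0 into the tunnel, only the AWS side of the tunnel moves from the VGW to the TGW attachment. With `static_routes_only = true` there is no BGP, so every prefix is the explicit route above; switching to BGP would replace the two `aws_ec2_transit_gateway_route` resources with advertisements from the customer gateway and propagation on the TGW route table.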
