AWS S2S VPN - Route Based Network CIDR Blocks

We are setting up a S2S VPN between AWS and Cisco FTD that will be VTI based. What should the Remote and Local IPv4 network CIDR's be set to? Is it recommended that they be set to 0.0.0.0/0 in order to enable/ensure the BPG peering works?

주제

네트워킹 및 콘텐츠 전송

태그

아마존 VPC

언어

English

yellowyak

질문됨 2달 전296회 조회

1개 답변

최신
최다 투표
가장 많은 댓글

이 답변이 도움이 되었나요?커뮤니티가 여러분의 지식을 활용할 수 있도록 정답을 찬성하세요.

Hello.

Remote and Local IPv4 network CIDR's

What you want to know is the CIDR set on the screen below in the AWS management console?

If so, please set the on-premises CIDR for "Local IPv4 network CIDR".
There is no problem if you set the AWS VPC CIDR for "Remote IPv4 network CIDR".
This is a CIDR setting that allows the VPN tunnel to pass through, so if you set it to 0.0.0.0/0, all communications will be able to pass through.
If there is no need to limit it, I think you can set it to 0.0.0.0/0.

전문가

Riku_Kobayashi

답변함 2달 전

yellowyak
2달 전
Are there security risks to setting it to 0.0.0.0/0? Because when we set the Local and Remote IPv4 network CIDRs to our correct CIDRs, the tunnels didn't work (because I think the BGP peering traffic wasn't captured)

AWS S2S VPN - Route Based Network CIDR Blocks

관련 콘텐츠