- 최신
- 최다 투표
- 가장 많은 댓글
The way you have setup is correct, as long as you have TGW ENIs in 2 dedicated /28 subnets in 2 different Availability Zones will give you AZ level redundancy and thats what is mentioned in the TGW Best practice guidance.
Similarly as long as you associate 2 subnets from 2 different AZs to the ClientVPN endpoints the setup will give you AZ level redundancy.
CVPN endpoints and TGW ENIs don't need to be in the same subnet, it sounds like the way you have done the setup is correct.
hi The best practice is to use multiple Availability Zone.
https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/disaster-recovery-resiliency.html
Multiple target networks for high availability You associate a target network with a Client VPN endpoint to enable clients to establish VPN sessions. Target networks are subnets in your VPC. Each subnet that you associate with the Client VPN endpoint must belong to a different Availability Zone. You can associate multiple subnets with a Client VPN endpoint for high availability. While there is not a specific solution to simulate Client VPN failover the documentation below might provide some guidance on how to think about it
https://docs.aws.amazon.com/fis/latest/userguide/fis-actions-reference.html#disrupt-connectivity
관련 콘텐츠
- AWS 공식업데이트됨 2년 전
- AWS 공식업데이트됨 8달 전
- AWS 공식업데이트됨 8달 전