Ao usar o AWS re:Post, você concorda com os AWS re:Post Termos de uso
AWS re:Postre:Post

VPC peering and Network Firewall

0

i am confuse AWS network firewall and peering section. As per AWS documents, it said **AWS Network Firewall cannot be deployed to inspect traffic between VPCs that are peered together; **

i did vpc peering VPC 1 (10.1.1.0/16)and VPC2 ( 10.2.1.0/16). VPC 1 have one private subnet ( 10.1.2.0/24) behind the firewall VPC 2 have one private subnet ( 10.2.2.0/24) behind the firewall I have the one private route table destination 10.2.2.0/24 next hop is firewall ID or interface in VPC 2. I add one route to go 10.2.2.0/24 next hop is peer ID in VPC one private route. I have the one private route table destination 10.1.2.0/24 next hop is firewall ID or interface in VPC 1. I add one route to go 10.1.2.0/24 next hop is peer ID in VPC 2.

let me know this traffic will pass firewall ? If AWS firewall is didn't support to inspect network traffic if we are using peering ? can we use third party firewall to inspect traffic?

Tópicos
Segurança, identidade e conformidade
Tags
Firewall de rede da AWSNetwork Load BalancerSegurança de rede
Idioma
English
crypto
feita há 2 anos1595 visualizações
1 Resposta
1

VPC-VPC (east-west) traffic inspection is support with Centralized VPC deployment model with AWS Network Firewall. You will need to leverage Transit Gateway for routing traffic between VPCs. VPC-Peering is not a supported deployment model.

You can the reference blog for details. https://aws.amazon.com/blogs/networking-and-content-delivery/deployment-models-for-aws-network-firewall/

AWS
GaryKo_AWS
respondido há 2 anos

Você não está conectado. Fazer login para postar uma resposta.

Uma boa resposta responde claramente à pergunta, dá feedback construtivo e incentiva o crescimento profissional de quem perguntou.

Diretrizes para responder a perguntas

Conteúdo relevante