AWS Site-to-Site VPN Connectivity Issue with Cisco Router

0

I've set up an AWS Site-to-Site VPN for my on-premise network using a Cisco RV042G router. However, even though the VPN tunnel is up, I can't access the resources on my on-premise network. Oddly, when I disconnect and reconnect the tunnel from the Cisco router or restart the router, it starts working fine. I've checked the 'keep alive' and 'dead peer detection' settings on the Cisco router, but the issue persists. Any suggestions on how to fix this?

1 Answer
0

Hi Ashutosh, the key here is in the fact that connectivity works when you reset the tunnel. Could you please check the negotiated phase 2 traffic selectors to confirm whether they allow connectivity between the VPC and on-prem IP addresses? It could be that the Cisco device is running a policy-based VPN and is proposing multiple IPsec SAs (AWS is route-based and supports only one IPsec SA at a time).

AWS
EXPERT
answered 2 months ago
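To make the answer's check concrete, here is an added example (not part of the answer or of any AWS tooling) that compares the traffic selectors AWS reports for a VPN connection with the phase 2 policies a policy-based router proposes, and explains why an UP tunnel can still drop traffic. The `describe-vpn-connections`-shaped record, the connection id and the on-prem policy pairs are constructed for illustration.

```python
import ipaddress

# Constructed sample shaped like `aws ec2 describe-vpn-connections` output,
# reduced to the fields this check needs. All values are made up.
SAMPLE_VPN = {
    "VpnConnectionId": "vpn-PLACEHOLDER",
    "Options": {
        "LocalIpv4NetworkCidr": "0.0.0.0/0",   # AWS (VPC) side selector
        "RemoteIpv4NetworkCidr": "0.0.0.0/0",  # on-prem side selector
    },
    "VgwTelemetry": [
        {"OutsideIpAddress": "203.0.113.10", "Status": "UP"},
        {"OutsideIpAddress": "203.0.113.11", "Status": "DOWN"},
    ],
}

# Constructed: phase 2 policies a policy-based router might propose,
# one (on-prem subnet, VPC subnet) pair per IPsec SA.
ONPREM_POLICIES = [
    ("192.168.1.0/24", "10.0.0.0/16"),
    ("192.168.2.0/24", "10.0.0.0/16"),
]


def diagnose_phase2(vpn, policies):
    """Return findings that explain why an UP tunnel may still drop traffic."""
    findings = []
    aws_local = ipaddress.ip_network(vpn["Options"]["LocalIpv4NetworkCidr"])
    aws_remote = ipaddress.ip_network(vpn["Options"]["RemoteIpv4NetworkCidr"])
    up = [t["OutsideIpAddress"] for t in vpn["VgwTelemetry"] if t["Status"] == "UP"]
    if not up:
        findings.append("no tunnel is UP: look at phase 1/phase 2 negotiation, not selectors")
        return findings
    # AWS is route based and keeps one IPsec SA per tunnel. Several policy pairs
    # make the router negotiate several SAs, and only the latest one carries
    # traffic until the next rekey or a manual reset (the symptom in the question).
    if len(policies) > 1:
        findings.append(
            f"router proposes {len(policies)} phase 2 SAs; AWS keeps one per tunnel, "
            "so consolidate the policies into a single pair"
        )
    # Every proposed pair must sit inside the selectors AWS negotiates.
    for onprem, vpc in policies:
        onprem_net = ipaddress.ip_network(onprem)
        vpc_net = ipaddress.ip_network(vpc)
        if not (onprem_net.subnet_of(aws_remote) and vpc_net.subnet_of(aws_local)):
            findings.append(
                f"policy {onprem} <-> {vpc} is outside AWS selectors {aws_remote} <-> {aws_local}"
            )
    return findings
```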
