AWS Network Firewall and VPN Gateway


I want to be able to use FQDN filtering on outbound traffic over the VPN. I can't get it to work. It looks like AWS Network Firewall doesn't support VPN Gateways. Is this correct and is there some way around it? A transit gateway perhaps?

2 Answers

You're correct; the workaround today is to use a Transit Gateway; attach the VPN to the Transit Gateway; and then inspect using Network Firewall either within the source VPC or by using route tables on the Transit Gateway to send traffic to an inspection VPC.

AWS
answered a year ago
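The workaround above, as an added Terraform example that is not from the original post or from AWS: a domain-list rule group for FQDN filtering, the policy that references it, and the Transit Gateway route that steers the VPN attachment's traffic into the inspection VPC. The two variables, the CIDRs and the allowlisted domains are placeholders.

```hcl
variable "vpn_tgw_route_table_id" {}   # assumed: TGW route table the VPN attachment uses
variable "inspection_attachment_id" {} # assumed: TGW attachment of the inspection VPC

# Stateful domain-list rule group: only these FQDNs (HTTP Host / TLS SNI) are allowed.
resource "aws_networkfirewall_rule_group" "egress_fqdn" {
  capacity = 100
  name     = "egress-fqdn-allowlist"
  type     = "STATEFUL"

  rule_group {
    # Caveat: HOME_NET defaults to the inspection VPC's own CIDR. Traffic arriving
    # from the Transit Gateway (VPN / other VPCs) is outside that CIDR, so the domain
    # list would silently not apply to it. Override it with every source range.
    rule_variables {
      ip_sets {
        key = "HOME_NET"
        ip_set {
          definition = ["10.0.0.0/16", "192.168.0.0/16"] # assumed: inspection VPC + on-prem
        }
      }
    }
    rules_source {
      rules_source_list {
        generated_rules_type = "ALLOWLIST"
        target_types         = ["HTTP_HOST", "TLS_SNI"]
        targets              = [".amazonaws.com", "updates.example.com"] # constructed allowlist
      }
    }
  }
}

# Policy: hand all traffic to the stateful engine so the domain list is evaluated.
resource "aws_networkfirewall_firewall_policy" "egress" {
  name = "egress-inspection"
  firewall_policy {
    stateless_default_actions          = ["aws:forward_to_sfe"]
    stateless_fragment_default_actions = ["aws:forward_to_sfe"]
    stateful_rule_group_reference {
      resource_arn = aws_networkfirewall_rule_group.egress_fqdn.arn
    }
  }
}

# TGW route table used by the VPN attachment: default route points at the inspection VPC.
resource "aws_ec2_transit_gateway_route" "vpn_to_inspection" {
  destination_cidr_block         = "0.0.0.0/0"
  transit_gateway_route_table_id = var.vpn_tgw_route_table_id
  transit_gateway_attachment_id  = var.inspection_attachment_id
}
```

The firewall resource itself, its endpoints, and the inspection VPC route tables that push traffic through those endpoints are omitted here; without the HOME_NET override, on-premises flows pass the domain list unfiltered.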

North-South: Centralized on-premises egress & ingress via Transit Gateway and Transit VIF/Direct Connect gateway/AWS Site-to-Site VPN


Please refer to this blog.

answered a year ago
