Help us improve the AWS re:Post Knowledge Center by sharing your feedback in a brief survey. Your input can influence how we create and update our content to better support your AWS journey.
On-premise datacentre accessing the internet via Direct Connect
Customer who has a datacentre with no access to internet but is connected to AWS via direct connect. Is it possible to use AWS managed network services to reach the internet? The customer would prefer to consume services provided and managed by AWS instead of looking for third party NAT devices/systems.
If this is possible, is it cost effective / best practice?
- Language
- English
- Newest
- Most votes
- Most comments
From a pure routing perspective. Another possible option is to use TransitGateway and EgressVPC attached with the Transit Gateway. Advertise prefix 0.0.0.0/0 from TGW side to on-premises. The on-premises router then sends default traffic to TGW. TGW then sends this traffic out to the Internet via Egress VPC. This can be done by adding a static route 0.0.0.0/0 with a target to EgressVPC attachment. Egress VPC can have a NAT Gateway or other third party filtering device to NAT outgoing traffic.
Relevant content
- asked 2 years ago
- asked 2 years ago
- AWS OFFICIALUpdated a month ago
