1- Going through the document, it says to reserve a 10.0.0.0/24 CIDR block on the transit gateway. What is the relevance of this block? Where is it exactly used? It is not shown in the diagram in the document.
- As in the diagram, 10.0.0.0/24 is used as a VPC CIDR for the production VPC, while 10.24.10.0/24 is being used as a Transit Gateway CIDR block, which is used to create the transport network for the VPN.
2- Do we need to carve out a separate CIDR for the tunnel IPs, based on the number of tunnels? Is there any special consideration to be followed when assigning the tunnel outside IPs?
- You can specify a size /24 CIDR block or larger (for example, /23 or /22) for IPv4, or a size /64 CIDR block or larger (for example, /63 or /62) for IPv6 for the Transit Gateway CIDR block. You can associate any public or private IP address range, except for addresses in the 169.254.0.0/16 range, and ranges that overlap with the addresses for your VPC attachments and on-premises networks.
3- Any additional documents available on this topic would be helpful.
- The TGW CIDR block will decide the tunnel outside IP addresses for transport.
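The constraints quoted in the answers above (at least /24 for IPv4, at least /64 for IPv6, nothing inside 169.254.0.0/16, and no overlap with VPC attachment or on-premises ranges) are easy to check before a Transit Gateway CIDR block is committed. The function below is an added example, not code from this thread or from AWS; the sample ranges are the two from the thread (10.0.0.0/24 for the production VPC, 10.24.10.0/24 for the TGW block) plus a constructed on-premises range of 192.168.0.0/16.

```python
import ipaddress

# AWS reserves the link-local range for tunnel inside addresses; it may not be used as the TGW CIDR block.
LINK_LOCAL_V4 = ipaddress.ip_network("169.254.0.0/16")

# Minimum block sizes stated in the answer: /24 or larger for IPv4, /64 or larger for IPv6.
MAX_PREFIX = {4: 24, 6: 64}


def validate_tgw_cidr(candidate, vpc_cidrs, onprem_cidrs):
    """Return a list of problems with a candidate Transit Gateway CIDR block.

    An empty list means the block satisfies every constraint quoted in the thread.
    vpc_cidrs and onprem_cidrs are iterables of CIDR strings for the VPC attachments
    and the on-premises networks the transit gateway will reach.
    """
    net = ipaddress.ip_network(candidate, strict=False)
    problems = []

    # Size check: a larger prefix length means a smaller block.
    if net.prefixlen > MAX_PREFIX[net.version]:
        problems.append(f"{net} is smaller than the minimum /{MAX_PREFIX[net.version]} for IPv{net.version}")

    # The link-local range is excluded for IPv4 candidates.
    if net.version == 4 and net.overlaps(LINK_LOCAL_V4):
        problems.append(f"{net} overlaps the reserved range {LINK_LOCAL_V4}")

    # No overlap with attached VPCs or on-premises networks of the same address family.
    for label, ranges in (("VPC attachment", vpc_cidrs), ("on-premises", onprem_cidrs)):
        for r in ranges:
            other = ipaddress.ip_network(r, strict=False)
            if other.version == net.version and net.overlaps(other):
                problems.append(f"{net} overlaps {label} range {other}")

    return problems


if __name__ == "__main__":
    # Constructed inputs: the thread's VPC and TGW ranges plus an assumed on-premises range.
    vpcs = ["10.0.0.0/24"]
    onprem = ["192.168.0.0/16"]
    for cand in ["10.24.10.0/24", "10.0.0.0/24", "169.254.10.0/24", "10.24.10.0/25"]:
        issues = validate_tgw_cidr(cand, vpcs, onprem)
        print(cand, "OK" if not issues else "; ".join(issues))
```

Run it against the real attachment list before creating the transit gateway; the same check applies when a new VPC attachment or on-premises prefix is added later, since an overlap introduced afterwards is just as disruptive to the VPN transport network.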