By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Routing internet traffic via VPC from remote Site-to-Site VPN Network

0

Is it possible to route internet traffic from a remote on-premise network, via an AWS site-to-site VPN into a VPC, and out through the VPC's Internet Gateway as a means of providing the remote network with Internet access? I'm using a StrongSwan customer gateway on the remote network, and a Transit Gateway into the VPC.

Topics
Networking & Content Delivery
Tags
Amazon VPCAWS Transit GatewayAWS Virtual Private Network (VPN)
Language
English
CET
asked 2 years ago962 views
1 Answer
1

Hello,

Yes, it is possible. You would need a NAT gateway for the internet egress.

This pattern is described in this link along with routing:

https://docs.aws.amazon.com/vpc/latest/tgw/transit-gateway-nat-igw.html

Please note that from TGW perspective, there are only attachments and in this case it does not matter if the spoke attachment is a VPC or a VPN, so you can disregard the fact that the example includes only VPCs.

The flow would look like below, not detail but would give you an idea:

On-premises network <== VPN ==> TGW --> VPC (NAT gateway & IGW) --> Internet

Hope this helps.

profile pictureAWS
EXPERT
Tushar_J
answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content