Can I delete one VPN tunnel from a site-to-site VPN connection?

0

We use a Cisco Meraki firewall on our on-premises corpnet to create a site-to-site VPN connection to AWS. By default, AWS creates two VPN tunnels for HA, but the Meraki firewall doesn't support these HA VPN tunnels; it can only create one VPN tunnel toward AWS if the VPC subnet (remote subnet) is the same. I am wondering if I can delete one of the two VPN tunnels to make my AWS site-to-site VPN connection configuration clean and not have a tunnel showing in the down state?

Thanks

Jerry

asked 2 years ago · 890 views
3 Answers
1

Hello There,

I understand that the CGW device does not support multiple tunnels, and that should be completely fine. You can still operate in a single tunnel mode. There is no specific requirement to delete the second tunnel. You may just choose to ignore the same and not configure it.

It would work completely fine. Also, as mentioned above, you can reach out to AWS Premium support to disable the notifications, if that is something you desire.

AWS
SUPPORT ENGINEER
answered 2 years ago
0

Hello Jerry,

Unfortunately, this is not supported. If you are bothered by the notifications you are receiving due to having only a single VPN tunnel, you may reach out to AWS Support to get this disabled for your account in the region where you have the VPN connection. Let me know if you have further queries.

Tim

AWS
answered 2 years ago
0

Update on this question, and I'm not an AWS engineer, but when building the tunnel there is an option to enable tunnel maintenance, which appears to indicate that perhaps only one tunnel will be built, and therefore could be a solution to this issue.

JohnM
answered 7 months ago
