EC2 Access over Site to Site VPN

0

I'd appreciate any help you can provide with this as I'm stumped, and I'm sure I'm missing something. I have a site-to-site VPN set up and I can confirm it's connected to our on-premises router (DrayTek 3900). The VPN has a transit gateway, customer gateway and static routing. I've set up a new EC2 instance with its own VPC and I can access it via its public IP address, and it can access the internet. I do not understand how I enable this EC2 instance to route traffic over the VPN to on-prem and vice versa. I need to be able to share resources between the EC2 instance and the on-premises network. Thanks in advance for any help you can provide!

2 Answers
1

Howdy,

Here are a few ideas to assist in your troubleshooting!

To enable traffic between your EC2 instance and your on-premises network, you'll need to configure the routing tables for both the VPC and your on-premises router. Here are the steps you need to follow:

1. Update the VPC route table to route on-premises traffic to the Transit Gateway:
   a. Open the Amazon VPC console: https://console.aws.amazon.com/vpc/
   b. In the navigation pane, click 'Route Tables'.
   c. Select the route table associated with your EC2 instance's VPC.
   d. Click the 'Routes' tab, and then click 'Edit routes'.
   e. Click 'Add route', and then enter the following:
     • Destination: The CIDR block of your on-premises network (e.g., 192.168.0.0/16)
     • Target: The Transit Gateway ID (e.g., tgw-abcdefgh)
   f. Click 'Save routes'.

2. Configure your on-premises router (DrayTek 3900) to route AWS VPC traffic to the Customer Gateway: Refer to the DrayTek documentation on how to add a static route on your router. You'll need to add a route with the following details:

  • Destination: The CIDR block of your AWS VPC (e.g., 10.0.0.0/16)
  • Next Hop: The IP address of your Customer Gateway

3. Update the security groups associated with your EC2 instance to allow traffic from your on-premises network:
   a. Open the Amazon EC2 console: https://console.aws.amazon.com/ec2/
   b. In the navigation pane, click 'Security Groups'.
   c. Select the security group associated with your EC2 instance.
   d. Click the 'Inbound rules' tab, and then click 'Edit inbound rules'.
   e. Add the necessary rules to allow traffic from your on-premises network (e.g., allow all traffic from the on-premises network CIDR block).
   f. Click 'Save rules'.

After completing these steps, your EC2 instance should be able to route traffic to and from the on-premises network through the VPN. You can find more information on this topic in the AWS documentation:

In case my answer doesn’t address your question or if you have any follow up questions, please let me know.

Rocky

answered a year ago
0

Hi Rocky, thank you very much for your reply, although I get stuck at the first step! On editing the route table for the VPC, the transit gateway isn't available as an option. Thank you!

answered a year ago
  • Howdy again!

    I'm sorry that you're still experiencing issues here. I will do my best to be of assistance.

    So if the transit gateway is not available as a drop-down option then it is likely due to a configuration issue somewhere. I have found a few resources that may help you track down the issue. Here are some possible reasons you may still be experiencing issues:

    1. The VPC and the TGW are not connected:

    2. Transit Gateway Route Table:

    3. Route table propagation:

    Hopefully this will serve as a good starting point to help you track down the issue. If you have checked all of these aspects and still can't edit the VPC route table with the TGW or if I have not addressed your question fully then please feel free to reach out again.

    Rocky
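As an added example that is not part of this thread (not Rocky's, AWS's or the asker's code), the AWS-side parts of the answer above and of the follow-up comment expressed as a small Python planner: it reads the output of `aws ec2 describe-transit-gateway-vpc-attachments` to confirm the VPC is actually attached to the TGW (an unattached VPC is the usual reason the TGW does not appear as a route target), rejects overlapping VPC and on-premises CIDRs, and emits the `create-route` and `authorize-security-group-ingress` commands for steps 1 and 3, opening only named TCP ports from the on-prem range rather than all traffic. All IDs, CIDRs and the sample describe output are constructed placeholders; the DrayTek static-route step is outside its scope.

```python
import ipaddress
import json
import shlex

# Constructed sample of what `aws ec2 describe-transit-gateway-vpc-attachments
# --filters Name=vpc-id,Values=<vpc-id>` returns once the VPC is attached.
SAMPLE_ATTACHMENTS = json.dumps({"TransitGatewayVpcAttachments": [
    {"TransitGatewayAttachmentId": "tgw-attach-0example",
     "TransitGatewayId": "tgw-abcdefgh", "VpcId": "vpc-0example",
     "State": "available"}]})


def attachment_state(describe_json, vpc_id, tgw_id):
    """Return the attachment State for this VPC/TGW pair, or None if there is none.
    Anything other than 'available' explains why the TGW is not offered as a target."""
    for att in json.loads(describe_json).get("TransitGatewayVpcAttachments", []):
        if att["VpcId"] == vpc_id and att["TransitGatewayId"] == tgw_id:
            return att["State"]
    return None


def check_cidrs(vpc_cidr, onprem_cidr):
    """Static routes between the two sides only work if the ranges do not overlap."""
    vpc = ipaddress.ip_network(vpc_cidr, strict=True)
    onprem = ipaddress.ip_network(onprem_cidr, strict=True)
    if vpc.overlaps(onprem):
        raise ValueError(f"{vpc_cidr} overlaps {onprem_cidr}; routing would be ambiguous")


def plan_aws_changes(route_table_id, tgw_id, sg_id, vpc_cidr, onprem_cidr, ports=(22, 443)):
    """AWS CLI commands for steps 1 and 3: route the on-prem CIDR to the TGW and
    allow only the listed TCP ports from the on-prem range (least privilege)."""
    check_cidrs(vpc_cidr, onprem_cidr)
    cmds = [["aws", "ec2", "create-route", "--route-table-id", route_table_id,
             "--destination-cidr-block", onprem_cidr, "--transit-gateway-id", tgw_id]]
    for port in ports:
        cmds.append(["aws", "ec2", "authorize-security-group-ingress", "--group-id", sg_id,
                     "--protocol", "tcp", "--port", str(port), "--cidr", onprem_cidr])
    return [shlex.join(c) for c in cmds]


if __name__ == "__main__":
    state = attachment_state(SAMPLE_ATTACHMENTS, "vpc-0example", "tgw-abcdefgh")
    if state != "available":
        raise SystemExit(f"TGW attachment state is {state}; attach the VPC to the TGW first")
    for cmd in plan_aws_changes("rtb-0example", "tgw-abcdefgh", "sg-0example",
                                "10.0.0.0/16", "192.168.0.0/16"):
        print(cmd)
```

Run it against the real describe output (replace `SAMPLE_ATTACHMENTS`) before executing the printed commands; the TGW route table also needs a route or propagation for the VPC attachment, which this script does not create.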
