Cisco provides a guide for using a Cisco CSR1000v within AWS along with a corresponding on-premises device to use LISP with IPSec between the two devices. L2 extension functionality is provided via LISP. What this article does not mention is how to set up the VPC network to make this work.
It’s important to understand that the VPC does not support transport of ARP traffic on L2. Instead, such traffic is intercepted by the VPC. Therefore, we need to ensure that an ARP request from an EC2 instance attempting to communicate with an on-premises instance is received by the CSR1000v instance within AWS. Only this way can LISP do its job and provide L2 extension capability.
This is done by allocating the IP addresses from within the extended subnet that are used on-premises as secondary IP addresses to the LAN interface of the CSR1000v within AWS. This way the VPC will answer ARP requests for these IP addresses correctly and steer frames to the CSR1000v.
Refer also to https://www.youtube.com/watch?v=_FIBGOy2_DM for a more detailed video.
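An added example, not part of the original answer or of Cisco's guide: a planning helper that decides which on-premises addresses can be added as secondary IPs on the CSR1000v LAN interface and builds the matching `aws ec2 assign-private-ip-addresses` call. The subnet, addresses, ENI ID placeholder and `max_per_eni` value are assumptions; the real per-interface address limit depends on the instance type.

```python
import ipaddress

def plan_secondary_ips(subnet_cidr, onprem_ips, already_assigned, max_per_eni):
    """Return (to_assign, rejected) for the CSR1000v LAN interface.

    already_assigned: private IPs currently on the ENI (primary included).
    max_per_eni: private IPv4 addresses allowed per interface (assumption,
    look it up for the instance type actually in use).
    """
    net = ipaddress.ip_network(subnet_cidr)
    # AWS reserves the first four addresses and the last address of every subnet.
    reserved = {net[i] for i in range(4)} | {net[-1]}
    have = {ipaddress.ip_address(a) for a in already_assigned}
    to_assign, rejected = [], {}
    for raw in onprem_ips:
        ip = ipaddress.ip_address(raw)
        if ip not in net:
            rejected[raw] = "outside extended subnet"
        elif ip in reserved:
            rejected[raw] = "reserved by AWS in this subnet"
        elif ip in have or ip in to_assign:
            continue  # already present or listed twice
        else:
            to_assign.append(ip)
    free = max(max_per_eni - len(have), 0)
    for ip in to_assign[free:]:
        rejected[str(ip)] = "exceeds per-interface address limit"
    return [str(ip) for ip in to_assign[:free]], rejected

def cli_command(eni_id, ips):
    """Build the AWS CLI call that adds the secondary addresses to the ENI."""
    return ("aws ec2 assign-private-ip-addresses --network-interface-id "
            + eni_id + " --private-ip-addresses " + " ".join(ips))

if __name__ == "__main__":
    # Constructed sample data: extended subnet, CSR primary IP, on-prem hosts.
    ips, bad = plan_secondary_ips(
        "10.0.1.0/24",
        ["10.0.1.50", "10.0.1.51", "10.0.1.2", "10.0.2.7", "10.0.1.50"],
        ["10.0.1.10"],
        max_per_eni=15,
    )
    print(cli_command("eni-PLACEHOLDER", ips))  # placeholder ENI ID
    for ip, reason in bad.items():
        print("skipped", ip, "-", reason)
```

Any address the helper rejects will not be answered for by the VPC on behalf of the CSR1000v, so EC2 instances in the extended subnet cannot reach that on-premises host through LISP.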