- Newest
- Most votes
- Most comments
Gateway <> Gateway IPSEC VPN is not officially supported. If you need to establish IPSEC VPN between two AWS environments then you can use TGW/VGW on one side and 3rd-party virtual appliance on the other side.
Can you expand more on the use case? As long as both tunnels are setup to be active/active it will provide HA and will work since the AWS side of the VPN will initiate an outgoing connection to the customer gateway (which can be a VGW or TGW). The VGW can only send traffic on one active tunnel at a time and so you would be limited to 1.25Gbps.
However, within AWS there are a number of options for connecting together a VPCs and TGWs (namely a native attachment within a region). Using VPN wouldn't be consider a best practice for such use case.
Relevant content
- Accepted Answerasked 3 months ago
- Accepted Answerasked a year ago
AWS OFFICIALUpdated 2 years ago- AWS OFFICIALUpdated 10 months ago
- AWS OFFICIALUpdated 5 months ago
This is technically possible, but I do not understand what the use-case is. You can simply peer two TGWs or, and you can attach a VPN to a TGW, and peer that to your second TGW? Can you elaborate on the use case?