1 Answer
- Newest
- Most votes
- Most comments
0
The topology you are using is not uncommon. A lot of customers use Firewalls as VPN concentrators and Routers/L3 switches as a termination points for WAN circuits.
Your second question: For the failover to work between DX and IPSEC VPNs, is it necessary for AWS transit gateway to have same IP for peering IPSEC VPNs and BGP? -- This is not a requirement.
See below from the Whitepaper the scenario you are describing:
Relevant content
- Accepted Answerasked 7 months ago
- Accepted Answerasked 3 years ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 10 months ago