By using AWS re:Post, you agree to the Terms of Use

VPN over Direct Connect with Transit Gateway


I have a customer that is trying to setup a Direct Connect into both a commercial account and a GovCloud account and associate it with a Transit Gateway.

It looks like the recommended way to do this is to create a Direct Connect Gateway in the commercial account and that will get automatically propagated to the associated GovCloud account. From there you can associate a Transit Gateway to the corresponding Direct Connect Gateway.

My question is how do you set this up if you need to have VPN over Direct Connect for the GovCloud account (and potentially not need it for the commercial account)? I see other posts that talk about configuring VPN over Direct Connect and then associating the VPN with the Transit Gateway. Would you use this method for the GovCloud account and then the DX -> DXGW -> TGW method for the commercial account?


1 Answer
Accepted Answer

In the end it's all about the virtual interfaces that you create on top of the DX connection:

Keep in mind that from an operational perspective, it's usually not a good idea to use the commercial account associated with a GovCloud account for anything. Usually you're better off using a completely separately commercial account, which can be part of an Organizations structure.

profile picture
answered 3 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions