By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Terminate each Site-to-Site VPN Tunnels to Multiple Customer Gateways

1

A customer needs to establish a site-to-site VPN connection with a provider that does not allow both VPN tunnels that AWS generates, to terminate on the same customer gateway.

Does the native AWS VPN solution allow Tunnel 1 from a site-to-site VPN connection to terminate on customer gateway 1 and Tunnel 2 to customer gateway 2 for example?

Topics
Networking & Content Delivery
Tags
Networking & Content DeliveryAWS Transit Gateway
Language
English
Manish_S
asked 4 years ago387 views
1 Answer
1
Accepted Answer

Technically, this is possible. Customer will have to use Cert Based VPN connection. They cannot use PSK VPNs to achieve this.

  • Create CGW with cert based VPN with no CGW IP
  • Create BGP Based VPN connection using this new CGW. Don't use Static VPNs (While it will work but not recommended).
  • Install Certs and configure VPN on each CGW device
CGW 1 (Cert1) - Tunnel1-
                        |- vpn-<id>
CGW 2 (Cert2) - Tunnel2-

I wouldn't recommend this approach if customer isn't technical + Nobody likes Cert VPNs :)

AWS
jkaps
answered 4 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content