1 Answer
- Newest
- Most votes
- Most comments
1
Hello,
Please note there are SA (Security Association) limitations when you use Policy based VPN on CGW.
See below from the VPN FAQ:
Q: How many IPsec security associations can be established concurrently per tunnel?
A: The AWS VPN service is a route-based solution, so when using a route-based configuration you will not run into SA limitations. If, however, you are using a policy-based solution you will need to limit to a single SA, as the service is a route-based solution.
This Knowledge center article describes this issue in detail.
More information on Site-to-Site VPN routing options can be found here.
Relevant content
- asked a month ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated a year ago