1 Answer
- Newest
- Most votes
- Most comments
0
Are you sing Static route based VPN or BGP? If you are using BGP then the failover/failback of the traffic between the Tunnels is handled by BGP, see below from the documentation
We recommend that you use BGP-capable devices, when available, because the BGP protocol offers robust liveness detection checks that can assist failover to the second VPN tunnel if the first tunnel goes down. Devices that don't support BGP may also perform health checks to assist failover to the second tunnel when needed.
If you are already using BGP but the failover of the traffic isn't working then opening a support ticket with PA and AWS is the best course of action.
Relevant content
- Accepted Answerasked a year ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 2 months ago
- AWS OFFICIALUpdated a year ago