Route all traffic from on-premise network to AWS VPC via IPSec site-to-site

0

I'm going to build my whole datacenter in a private subnet of an AWS VPC (LDAP, RADIUS, database, etc.).
I want all traffic from the on-premise network to go to the AWS VPC, then to the Internet.
Now I can successfully connect to my EC2 database server in the private subnet via the IPSec site-to-site connection, but cannot connect to the Internet.
The Internet traffic is already forwarded by the customer gateway.
Any idea, help or suggestion about the infrastructure is really appreciated!

AdamVu
Asked 5 years ago, 657 views
1 answer
0

Hi,
You will not be able to access the Internet based on the diagram you provided, because transitive peering is not supported:
https://docs.aws.amazon.com/vpc/latest/peering/invalid-peering-configurations.html#edge-to-edge-vgw

However, it appears that you can re-architect your system to use the Transit Gateway, which will allow you to route on-premise Internet traffic through your AWS site-to-site VPN:
https://www.reddit.com/r/aws/comments/a67t6g/transit_gateway/
https://docs.aws.amazon.com/vpc/latest/tgw/tgw-vpn-attachments.html

Hope this helps,
-randy

Answered 5 years ago
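One way to build the Transit Gateway design randy suggests, as an added Terraform example that is not part of this thread or of any AWS documentation; the on-prem CIDR, the variable names and the assumption that the private subnet already has a NAT gateway default route are mine:

```hcl
# Added example, not from the thread. Assumed: on-prem CIDR 192.168.0.0/16,
# an existing customer gateway, and a private subnet whose route table already
# sends 0.0.0.0/0 to a NAT gateway; existing resource IDs come in as variables.
variable "onprem_cidr" { default = "192.168.0.0/16" }
variable "customer_gateway_id" {}
variable "vpc_id" {}
variable "private_subnet_id" {}
variable "private_route_table_id" {}
variable "public_route_table_id" {}
resource "aws_ec2_transit_gateway" "tgw" {
  default_route_table_association = "enable"
  default_route_table_propagation = "enable"
}
# The site-to-site VPN terminates on the TGW instead of a VGW, so the
# edge-to-edge (transitive) restriction linked above no longer applies.
resource "aws_vpn_connection" "onprem" {
  customer_gateway_id = var.customer_gateway_id
  transit_gateway_id  = aws_ec2_transit_gateway.tgw.id
  type                = "ipsec.1"
  static_routes_only  = true
}
resource "aws_ec2_transit_gateway_vpc_attachment" "vpc" {
  transit_gateway_id = aws_ec2_transit_gateway.tgw.id
  vpc_id             = var.vpc_id
  subnet_ids         = [var.private_subnet_id]
}
# TGW route table: default route into the VPC, on-prem prefix back over the VPN.
resource "aws_ec2_transit_gateway_route" "default_to_vpc" {
  destination_cidr_block         = "0.0.0.0/0"
  transit_gateway_attachment_id  = aws_ec2_transit_gateway_vpc_attachment.vpc.id
  transit_gateway_route_table_id = aws_ec2_transit_gateway.tgw.association_default_route_table_id
}
resource "aws_ec2_transit_gateway_route" "to_onprem" {
  destination_cidr_block         = var.onprem_cidr
  transit_gateway_attachment_id  = aws_vpn_connection.onprem.transit_gateway_attachment_id
  transit_gateway_route_table_id = aws_ec2_transit_gateway.tgw.association_default_route_table_id
}
# VPC side: the private subnet and the NAT gateway's public subnet both need a
# route for the on-prem prefix via the TGW, or NAT replies never reach the VPN.
resource "aws_route" "private_to_onprem" {
  route_table_id         = var.private_route_table_id
  destination_cidr_block = var.onprem_cidr
  transit_gateway_id     = aws_ec2_transit_gateway.tgw.id
}
resource "aws_route" "public_to_onprem" {
  route_table_id         = var.public_route_table_id
  destination_cidr_block = var.onprem_cidr
  transit_gateway_id     = aws_ec2_transit_gateway.tgw.id
}
```

On the on-premise side the customer gateway must then advertise or statically route 0.0.0.0/0 into the tunnel, and the NAT gateway's security and flow logs are the place to confirm that on-prem sources are actually being translated.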
