Durch die Nutzung von AWS re:Post stimmt du den AWS re:Post Nutzungsbedingungen
AWS re:Postre:Post

Routing internet traffic via VPC from remote Site-to-Site VPN Network

0

Is it possible to route internet traffic from a remote on-premise network, via an AWS site-to-site VPN into a VPC, and out through the VPC's Internet Gateway as a means of providing the remote network with Internet access? I'm using a StrongSwan customer gateway on the remote network, and a Transit Gateway into the VPC.

Themen
Vernetzung & Bereitstellung von Inhalten
Tags
Amazon VPCAWS Transit GatewayAWS Virtuelles Privates Netzwerk (VPN)
Sprache
English
CET
gefragt vor 2 Jahren1015 Aufrufe
1 Antwort
1

Hello,

Yes, it is possible. You would need a NAT gateway for the internet egress.

This pattern is described in this link along with routing:

https://docs.aws.amazon.com/vpc/latest/tgw/transit-gateway-nat-igw.html

Please note that from TGW perspective, there are only attachments and in this case it does not matter if the spoke attachment is a VPC or a VPN, so you can disregard the fact that the example includes only VPCs.

The flow would look like below, not detail but would give you an idea:

On-premises network <== VPN ==> TGW --> VPC (NAT gateway & IGW) --> Internet

Hope this helps.

profile pictureAWS
EXPERTE
Tushar_J
beantwortet vor 2 Jahren

Du bist nicht angemeldet. Anmelden um eine Antwort zu veröffentlichen.

Eine gute Antwort beantwortet die Frage klar, gibt konstruktives Feedback und fördert die berufliche Weiterentwicklung des Fragenstellers.

Richtlinien für die Beantwortung von Fragen

Relevanter Inhalt