Setting-up Site-to-Site VPN connection Help
Hi,
I'm to new this network area. but I managed to connect my VPC with customer's Test site via DNAT through Elastic IPs.
Now I'm in a situation where I need to connect my VPC to the Customer's Production environment and customer is not agreeing to provide DNAT but they are asking me to setup a Site-to-Site VPN.
I configured my Site-to-Site VPN based on following document. https://docs.aws.amazon.com/vpn/latest/s2svpn/SetUpVPNConnections.html
but I still can see that my tunnels are down.
is this because that the customer does not setup connection to my site-to-site vpn from their side yet or something else? What should I do next? please advice.
- 최신
- 최다 투표
- 가장 많은 댓글
Hello.
If you do not configure the VPN settings on the on-premises router, the status will be DOWN.
Also, if the settings on the on-premises router are incorrect, the status will be DOWN.
So, first you need to complete the router settings.
Hello,
After you create the VPN connection, you can download the configuration file (select as per the customer's device) and share it with them to configure vpn on their end.
https://docs.aws.amazon.com/vpn/latest/s2svpn/SetUpVPNConnections.html#vpn-download-config https://docs.aws.amazon.com/vpn/latest/s2svpn/SetUpVPNConnections.html#vpn-configure-customer-gateway-device
If their end (customer gateway) is configured properly, tunnel should come UP.
If after customer has configured their end of VPN and tunnels are still not established, you must determine which phase the failure occurred:
For (IKE/Phase 1) issues, follow the steps in https://repost.aws/knowledge-center/vpn-tunnel-phase-1-ike
For (IPsec/Phase 2) issues, follow the steps in https://repost.aws/knowledge-center/vpn-tunnel-phase-2-ipsec
Customer said that he has already completed the setup from their end. but still, I can see that the status is down. also, I got this email today from AWS. how this effect for my case?
관련 콘텐츠
AWS 공식업데이트됨 일 년 전- AWS 공식업데이트됨 2년 전
- AWS 공식업데이트됨 일 년 전
So, the next step is to communicate with customer to do the setup from their end. Thank you.