By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Setting-up Site-to-Site VPN connection Help

0

Hi,

I'm to new this network area. but I managed to connect my VPC with customer's Test site via DNAT through Elastic IPs.

Now I'm in a situation where I need to connect my VPC to the Customer's Production environment and customer is not agreeing to provide DNAT but they are asking me to setup a Site-to-Site VPN.

I configured my Site-to-Site VPN based on following document. https://docs.aws.amazon.com/vpn/latest/s2svpn/SetUpVPNConnections.html

but I still can see that my tunnels are down. Enter image description here

is this because that the customer does not setup connection to my site-to-site vpn from their side yet or something else? What should I do next? please advice.

Topics
Networking & Content Delivery
Tags
Amazon VPCAWS Virtual Private Network (VPN)AWS Client VPN
Language
English
RG
asked 6 months ago283 views
3 Answers
1

Hello.

If you do not configure the VPN settings on the on-premises router, the status will be DOWN.
Also, if the settings on the on-premises router are incorrect, the status will be DOWN.
So, first you need to complete the router settings.

profile picture
EXPERT
Riku_Kobayashi
answered 6 months ago
profile picture
EXPERT
Gary Mclean
reviewed 6 months ago
  • RG
    6 months ago

    So, the next step is to communicate with customer to do the setup from their end. Thank you.

1

Hello,

After you create the VPN connection, you can download the configuration file (select as per the customer's device) and share it with them to configure vpn on their end.

https://docs.aws.amazon.com/vpn/latest/s2svpn/SetUpVPNConnections.html#vpn-download-config https://docs.aws.amazon.com/vpn/latest/s2svpn/SetUpVPNConnections.html#vpn-configure-customer-gateway-device

If their end (customer gateway) is configured properly, tunnel should come UP.

If after customer has configured their end of VPN and tunnels are still not established, you must determine which phase the failure occurred:

For (IKE/Phase 1) issues, follow the steps in https://repost.aws/knowledge-center/vpn-tunnel-phase-1-ike

For (IPsec/Phase 2) issues, follow the steps in https://repost.aws/knowledge-center/vpn-tunnel-phase-2-ipsec

profile pictureAWS
EXPERT
Karthikiran Ilango
answered 6 months ago
profile picture
EXPERT
Gary Mclean
reviewed 6 months ago
0

Customer said that he has already completed the setup from their end. but still, I can see that the status is down. also, I got this email today from AWS. how this effect for my case? Enter image description here

RG
answered 6 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content