Source: blog.smarking.net

AWS Site-to-Site VPN with NAT

Category: Infrastructure, firewall

At Smarking, we use the Amazon Web Services (AWS) infrastructure. We help organizations improve the efficiency of parking lots, and to do that we need to communicate with their computing systems.

Is it possible to create an IPsec tunnel from an AWS Virtual Private Cloud (VPC) to a network outside of AWS?

Note that AWS has a built-in component called "NAT gateway," but here we run our own EC2 instance that performs this function using Linux and the iptables packet filter.

Next, we connect to the test EC2 instance in the 20.0.5.0/16 subnet and ping the test instance in the customer's 172.31.0.0/16 subnet.

We can also observe the traffic flowing through the NAT gateway instance.

The following AWS CLI commands output all configurations for all Site-to-Site VPN connections.
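Added example, not code from the post or from Smarking's own setup: a POSIX shell script for the kind of NAT instance described above. It generates the kernel and iptables configuration (forwarding restricted to the customer subnet, SNAT to the instance's own address, default DROP for everything else), wraps the EC2 source/destination-check change, and includes the CLI commands to dump every Site-to-Site VPN connection's configuration and to watch the translated traffic on the NAT hop during the ping test. The VPC prefix 20.0.0.0/16, the interface eth0, the NAT address 20.0.5.10 and the instance id are assumed placeholders; only the customer subnet 172.31.0.0/16 comes from the post.

```shell
#!/bin/sh
# Added example, not code from the original post or from Smarking: helper
# script for an EC2 instance acting as a NAT/forwarding hop between a VPC
# subnet and a customer subnet reached over a Site-to-Site VPN.
# All values below are assumed placeholders (override via the environment)
# except CUSTOMER_CIDR, which the post names.
set -eu

VPC_CIDR="${VPC_CIDR:-20.0.0.0/16}"             # assumed: AWS side of the tunnel
CUSTOMER_CIDR="${CUSTOMER_CIDR:-172.31.0.0/16}" # customer side (from the post)
NAT_IFACE="${NAT_IFACE:-eth0}"                  # assumed: VPC-facing interface
NAT_IP="${NAT_IP:-20.0.5.10}"                   # assumed: NAT instance private IP
INSTANCE_ID="${INSTANCE_ID:-i-PLACEHOLDER}"     # assumed: id of the NAT instance

# Accept only a dotted-quad IPv4 prefix with a 0-32 length, so a typo in the
# environment cannot become an overly broad SNAT or FORWARD rule.
valid_cidr() {
    case "$1" in *[!0-9./]*|*/*/*) return 1 ;; esac
    ip=${1%/*}; plen=${1#*/}
    [ "$ip" != "$1" ] || return 1                     # no "/" present
    [ -n "$plen" ] && [ "$plen" -le 32 ] || return 1
    printf '%s\n' "$ip" | awk -F. \
        'NF==4 { for (i=1;i<=4;i++) if ($i=="" || $i>255) exit 1; exit 0 } { exit 1 }'
}

# Print the configuration instead of applying it, so it can be reviewed
# (or diffed against the running rules) before apply_nat_rules is run.
# Only VPC -> customer traffic is forwarded; replies come back through
# conntrack; everything else hits the default DROP policy. The customer
# side only ever sees NAT_IP, never the VPC's private addresses.
nat_rules() {
    valid_cidr "$VPC_CIDR" || { echo "bad VPC_CIDR: $VPC_CIDR" >&2; return 1; }
    valid_cidr "$CUSTOMER_CIDR" || { echo "bad CUSTOMER_CIDR: $CUSTOMER_CIDR" >&2; return 1; }
    cat <<EOF
sysctl -w net.ipv4.ip_forward=1
iptables -P FORWARD DROP
iptables -A FORWARD -s $VPC_CIDR -d $CUSTOMER_CIDR -j ACCEPT
iptables -A FORWARD -s $CUSTOMER_CIDR -d $VPC_CIDR -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -t nat -A POSTROUTING -s $VPC_CIDR -d $CUSTOMER_CIDR -o $NAT_IFACE -j SNAT --to-source $NAT_IP
EOF
}

# Apply the generated lines as root on the NAT instance.
apply_nat_rules() { nat_rules | sudo sh -e; }

# EC2 discards packets whose source or destination is not the instance itself
# unless the source/destination check is turned off; do this once for the NAT hop.
disable_src_dst_check() {
    aws ec2 modify-instance-attribute --instance-id "$INSTANCE_ID" --no-source-dest-check
}

# Watch the translated traffic on the NAT hop while pinging from the test instance.
watch_nat_traffic() { sudo tcpdump -ni "$NAT_IFACE" net "$CUSTOMER_CIDR"; }

# Dump id, state and customer-gateway configuration of every Site-to-Site VPN
# connection in the current account and region.
vpn_configs() {
    aws ec2 describe-vpn-connections \
        --query 'VpnConnections[].{Id:VpnConnectionId,State:State,Config:CustomerGatewayConfiguration}' \
        --output json
}

case "${1:-}" in
    print)   nat_rules ;;
    apply)   apply_nat_rules ;;
    watch)   watch_nat_traffic ;;
    vpn)     vpn_configs ;;
    prepare) disable_src_dst_check ;;
esac
```

Run `sh nat.sh print` to inspect the rules, `sh nat.sh apply` on the NAT instance to install them, and `sh nat.sh vpn` from anywhere with AWS credentials to list the VPN connections. The default FORWARD policy of DROP is deliberate: the NAT hop should relay only the one flow direction the design needs, and the CIDR check refuses to emit rules at all when a prefix is malformed.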
