Creating an AWS Transit Gateway VPN Connection
Create a VPN connection to enable connections to on-prem environments through VPN tunnels. Each VPN connection connects users to a specific Network Domain.
Before setting up this type of connection, download the Aviatrix VPN Client.
This step creates a VPN connection from the AWS TGW in a selected Network Domain.
To create an AWS TGW VPN connection:
- Go to Aviatrix CoPilot > Networking > Connectivity > select the AWS TGW tab > select an existing AWS TGW.
- Select the Attachments tab.
- Select the VPN tab.
- Click + VPN Attachment.
- Enter the following information:
Setting | Value |
---|---|
Name | A unique name for the VPN connection. |
Remote Public IP | The public IP address of the remote site. |
Network Protocol | Use BGP to connect to the remote site, or use static IP. The fields below change if you select Static. |
Remote AS Number for BGP | When BGP is selected, enter the AS number of the remote site. |
Learned CIDRs Approval for BGP | Select the option to enable TGW Approval. See TGW Approval for more information. |
Remote CIDRs for Static | Enter a comma-separated list of CIDRs. |
Network Domain | Select a Network Domain to associate the VPN attachment with. |
Global Acceleration | Select this option to enable AWS Accelerated VPN. This feature leverages the AWS Global Accelerator to connect VPN users to the nearest AWS Edge location access point and traverse the AWS backbone to the VPN Gateway. |
Advanced | |
Tunnel 1 | Enter the inside IP CIDR for the first tunnel. |
Tunnel 2 | Enter the inside IP CIDR for the second tunnel. |
- Click Save.
Your TGW to VPN connection is saved. Refresh the page to see the newly created VPN connection. Then, download the VPN configuration:
- If you selected BGP as the Network Protocol, click Download to download the configuration.
- If you selected Static as the Network Protocol, go to your AWS Console > VPC > Site-to-Site VPN Connections to download the configuration file.
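
The following Python function is an added example, not Aviatrix or AWS code: it pre-checks the values from the settings table above before they are entered. The name `check_vpn_attachment` and its messages are hypothetical; the /30-in-169.254.0.0/16 rule and the reserved blocks are the AWS Site-to-Site VPN limits on tunnel inside CIDRs, assumed here to apply to the Tunnel 1 and Tunnel 2 fields.

```python
import ipaddress as ipa

# Ranges that cannot be a reachable "Remote Public IP" (private, CGNAT, loopback, link-local).
NON_PUBLIC = [ipa.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12",
    "192.168.0.0/16", "100.64.0.0/10", "127.0.0.0/8", "169.254.0.0/16")]
# Assumption: /30 blocks AWS reserves, so they are not usable as tunnel inside CIDRs.
RESERVED = ([ipa.ip_network(f"169.254.{i}.0/30") for i in range(6)]
            + [ipa.ip_network("169.254.169.252/30")])
LINK_LOCAL = ipa.ip_network("169.254.0.0/16")

def check_vpn_attachment(remote_ip, protocol, tunnel1, tunnel2,
                         remote_asn=None, remote_cidrs=""):
    """Return a list of problems in the form values; empty means none found."""
    problems = []
    try:
        addr = ipa.ip_address(remote_ip)
        if addr.version == 4 and any(addr in n for n in NON_PUBLIC):
            problems.append(f"Remote Public IP {remote_ip} is not publicly routable")
    except ValueError:
        problems.append(f"Remote Public IP {remote_ip!r} is not an IP address")
    if protocol == "BGP":
        if not isinstance(remote_asn, int) or not 1 <= remote_asn <= 4294967295:
            problems.append(f"Remote AS Number {remote_asn!r} is not a valid ASN")
    elif protocol == "Static":
        cidrs = [c.strip() for c in remote_cidrs.split(",") if c.strip()]
        if not cidrs:
            problems.append("Remote CIDRs is empty")
        for c in cidrs:
            try:
                ipa.ip_network(c)  # strict mode rejects CIDRs with host bits set
            except ValueError:
                problems.append(f"Remote CIDR {c!r} is not a valid network")
    else:
        problems.append(f"Network Protocol {protocol!r} must be BGP or Static")
    seen = []
    for label, value in (("Tunnel 1", tunnel1), ("Tunnel 2", tunnel2)):
        try:
            net = ipa.ip_network(value)
        except ValueError:
            problems.append(f"{label} inside CIDR {value!r} is not a valid network")
            continue
        if net.version != 4 or net.prefixlen != 30 or not net.subnet_of(LINK_LOCAL):
            problems.append(f"{label} inside CIDR {value} must be a /30 in 169.254.0.0/16")
        elif net in RESERVED:
            problems.append(f"{label} inside CIDR {value} is reserved by AWS")
        elif net in seen:
            problems.append(f"{label} inside CIDR {value} duplicates the other tunnel")
        seen.append(net)
    return problems
```

Call it with the values you plan to enter, for example `check_vpn_attachment("203.0.113.10", "BGP", "169.254.10.0/30", "169.254.11.0/30", remote_asn=65010)` (constructed sample values); an empty list means no problem was found.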