Step-By-Step To Configure Site-To-Site VPN In AWS

In this blog, we walk through the steps to configure a site-to-site VPN in the AWS environment.

REQUIREMENT

  • AWS Subscription

CREATING VPC

  • Log in to the AWS console using the below URL.
  • After a successful login, click on Services and select VPC under Networking & Content Delivery.
  • Click on Your VPCs.
  • To create a new VPC, click on the Create VPC button.
  • Provide a name tag and the IPv4 details, then click Create.
  • The new VPC is created successfully. Click on the Close button.

CREATING SUBNET

  • Click on the Subnets option under the Virtual Private Cloud section.
  • Click on the Create subnet option.
  • Provide a name for your subnet and select the VPC from the drop-down list.
  • Then add the IPv4 CIDR block and click on the Create button.
  • The subnet is created successfully.

ADDING ROUTING TABLES

  • Click on the Route Tables option.
  • A route table already exists for the VPC that we created earlier.
  • Provide a relevant name for this route table.
  • To associate the subnet with the route table, select the corresponding route table and click on the Subnet Associations tab.
  • Then click on Edit subnet associations.
  • Select the subnet and click on the Save button.
  • Now select the Route Propagation tab.
  • Click on the Edit Route Propagation button.
  • Select the Propagate checkbox and click the Save button.

INTERNET GATEWAY CREATION

  • Select the Internet Gateway link under the Virtual Private Cloud section.
  • Click on the Create Internet Gateway button.
  • Provide a name and click on Create.
  • The gateway is created successfully.
  • Select the newly created gateway and click on Actions – Attach to VPC.
  • Select the VPC from the drop-down list and click on Attach.
  • The gateway status now changes to the Attached state.
  • Now we need to add the routing entry for the Internet Gateway connection. To do that, click on the Route Tables link and select the entry that we created earlier.
  • Select the Routes tab and click on Edit Routes.
  • Click on Add Route.
  • Type the destination as 0.0.0.0/0 and select Internet Gateway as the target from the drop-down list. Then click on Save Routes to save the changes.
  • The routes are added successfully.

NAT GATEWAY CREATION

  • Click on the NAT Gateways link under the Virtual Private Cloud section.
  • To create a new NAT Gateway, click on the Create NAT Gateway link.
  • Select the relevant subnet from the drop-down list. In this demo, we select AZ-Subnet. Also, click on the Create new EIP link to provide a new EIP for this gateway.
  • Click on the Create NAT Gateway button.
  • The NAT Gateway is created successfully.
  • It will take a few minutes for the NAT Gateway status to change to available.

CREATING CUSTOMER GATEWAY

  • Click on the Customer Gateway link under the Virtual Private Network section.
  • To create a new link, click on the Create Customer Gateway button.
  • Provide a name for your connection and add the public address of your internal network firewall. Then click on the Create Customer Gateway button.
  • The Customer Gateway is created successfully.
  • The new connection will be available in the list.

CREATING NEW VIRTUAL PRIVATE GATEWAY

  • Click on the Virtual Private Gateway link under the VPN section.
  • Click on the Create Virtual Private Gateway button.
  • Provide a name for the new connection and click on the Create button.
  • Now select the connection and click on Actions – Attach VPC.
  • Select the VPC from the drop-down list and click on the Attach button.
  • After a few minutes, the VPN status changes to the attached state.

CREATING SITE-TO-SITE CONNECTION

  • Click on the site-to-site connection link under the VPN section.
  • Click on Create VPN Connection.
  • Provide a name for your connection and select the corresponding VPN and Customer Gateway from the drop-down list.
  • Under Routing Options, select the Static option and provide your on-premises internal network CIDR block. Then click on the Create button.
  • After a few minutes, the connection status will change to available.
  • We have completed the site-to-site configuration from the AWS end. Now we need to configure our on-premises firewall to communicate with this VPN. To do that, click on the Download Configuration button.
  • The settings may vary based on your internal network configuration. Select the vendor from the drop-down list and download the configuration. Hand it over to your local network administrator to proceed further.
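
The steps above ask for four addressing values: the VPC IPv4 block, the subnet CIDR block, the on-premises CIDR block for the static route, and the public address of the on-premises firewall. The following pre-flight check is an added example, not part of the original walkthrough; the function name `preflight` and all sample addresses are assumptions constructed for illustration.

```python
import ipaddress

# RFC 1918 ranges: not reachable from the internet, so unusable as the
# public address of the on-premises firewall (customer gateway).
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def preflight(vpc_cidr, subnet_cidr, onprem_cidr, cgw_ip):
    """Return a list of problems in the planned values (empty list = none)."""
    problems, nets = [], {}
    for label, value in (("VPC", vpc_cidr), ("subnet", subnet_cidr),
                         ("on-premises", onprem_cidr)):
        try:
            # strict=True rejects blocks with host bits set, e.g. 10.0.0.5/16
            nets[label] = ipaddress.IPv4Network(value, strict=True)
        except ValueError as exc:
            problems.append(f"{label} CIDR {value!r} is invalid: {exc}")
    try:
        cgw = ipaddress.IPv4Address(cgw_ip)
    except ValueError as exc:
        problems.append(f"customer gateway {cgw_ip!r} is invalid: {exc}")
        cgw = None
    if len(nets) < 3:
        return problems  # cannot compare ranges that did not parse

    vpc, subnet, onprem = nets["VPC"], nets["subnet"], nets["on-premises"]
    # AWS accepts IPv4 blocks from /16 to /28 for VPCs and subnets.
    for label, net in (("VPC", vpc), ("subnet", subnet)):
        if not 16 <= net.prefixlen <= 28:
            problems.append(f"{label} {net} is outside the /16 to /28 range")
    if not subnet.subnet_of(vpc):
        problems.append(f"subnet {subnet} is not inside VPC {vpc}")
    # The static route for the on-premises block must not collide with the
    # VPC's own range, or traffic cannot be routed unambiguously.
    if onprem.overlaps(vpc):
        problems.append(f"on-premises {onprem} overlaps VPC {vpc}")
    if cgw is not None and (cgw.is_loopback or cgw.is_link_local
                            or any(cgw in n for n in RFC1918)):
        problems.append(f"customer gateway {cgw} is not a public address")
    return problems


if __name__ == "__main__":
    # Constructed sample values; 203.0.113.10 is a documentation address.
    for problem in preflight("10.0.0.0/16", "10.0.1.0/24",
                             "192.168.10.0/24", "203.0.113.10"):
        print("PROBLEM:", problem)
```

An empty result means the four values are consistent with each other; it does not check anything inside the AWS account itself.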

REFERENCE

https://docs.aws.amazon.com/vpn/latest/s2svpn/SetUpVPNConnections.html

Thanks for reading this blog. We hope it helped you learn the steps to configure a Site-to-Site VPN in AWS.

Loges
