Step-by-Step to configure Site-to-Site VPN in AWS

In this blog, we walk through the steps to configure a Site-to-Site VPN in the AWS environment.

 

REQUIREMENT

 

  • AWS Subscription

 

CREATING VPC

 

  • Log in to the AWS console using the below URL.


 

  • After successful login, click on services and select VPC under Networking & Content Delivery.

 

  • Click on Your VPCs.

 

  • To create a new VPC, click on the Create VPC button.

 

  • Provide a name tag and IPv4 details, then click Create.

 

  • New VPC created successfully. Click on the Close button.

 

CREATING SUBNET

 

  • Click on Subnets option under the Virtual Private Cloud section.


 

  • Click on Create subnet option.

 

  • Provide a name for your subnet and select the VPC from the drop-down list.

 

  • Then add the IPv4 CIDR block and click on the create button.

 

  • Subnet created successfully.

 

ADDING ROUTING TABLES

 

  • Click on Route Tables option.


 

  • We will have an existing route table for the VPC which we created earlier.

 

  • Provide a relevant name for this routing table.

 

  • To associate the subnet with the routing table, select the corresponding routing table and click on the Subnet Associations tab.

 

  • Then click on the Edit subnet Associations.

 

  • Select the subnet and click on Save button.

 

  • Now select the Route Propagation Tab.

 

  • Click on Edit Route Propagation button.

 

  • Select the Propagate checkbox and click the save button.

 

INTERNET GATEWAY CREATION

 

  • Select the Internet Gateway link under Virtual Private Cloud section.


 

  • Click on Create Internet Gateway button.


 

  • Provide a name and click on Create.


 

  • Gateway created successfully.


 

  • Select the newly created Gateway and click on Action – Attach to VPC.


 

  • Select the VPC from the drop-down list and click on Attach.


 

  • Now the Gateway status has changed to Attached state.


 

  • Now we need to add the routing entry for the Internet Gateway connection. To do that, click on the Route Tables link and select the entry which we created earlier.


 

  • Select the Routes tab and click on Edit Routes.


 

  • Click on Add Route.


 

  • Type destination as 0.0.0.0/0 and select target as Internet Gateway from the drop-down list. Then click on Save Routes to save the changes.


 

  • Routes added successfully.


 

NAT GATEWAY CREATION

 

  • Click on the NAT Gateways link under Virtual Private Cloud section.


 

  • To create a new NAT Gateway, click on the Create NAT Gateway link.


 

  • Select the relevant subnet from the drop-down list. In this demo, we select AZ-Subnet. Also, click on the Create a new EIP link to provide a new EIP for this Gateway.


 

  • Click on Create NAT Gateway button.


 

  • NAT Gateway created successfully.


 

  • It will take a few minutes to change the NAT Gateway status to available.


 

CREATING CUSTOMER GATEWAY

 

  • Click on the Customer Gateway link under Virtual Private Network section.


 

  • To create a new link, click on the Create Customer Gateway button.


 

  • Provide a name for your connection and add the public address of your internal network firewall. Then click on create customer gateway button.


 

  • Customer Gateway created successfully.


 

  • The new connection will be available in the list.


 

CREATING NEW VIRTUAL PRIVATE GATEWAY

 

  • Click on the Virtual Private Gateway under VPN section.


 

  • Click on create virtual private gateway button.


 

  • Provide a name for the new connection and click on the create button.


 

  • Now select the connection and click on Actions – Attach VPC.


 

  • Select the VPC from the drop-down list and click on the Attach button.


 

  • After a few minutes, the VPN status changes to the attached state.


 

CREATING SITE-TO-SITE CONNECTION

 

  • Click on site-to-site connection under VPN Section.


 

  • Click on Create VPN Connection.


 

  • Provide a name for your connection and select the corresponding VPN and Customer Gateway from the drop-down list.


 

  • Under Routing Options, select the static option and provide your on-premises internal network CIDR block. Then click on the create button.


 

  • After a few minutes, the connection status will change to available.


 

  • We have completed the site-to-site configuration from the AWS end. Now we need to configure our on-premises firewall to communicate with this VPN. To do that, click on the Download Configuration button.


 

  • The settings may vary based on your internal network configuration. Select the vendor from the drop-down list and download the configuration. Hand it over to your local network administrator to proceed further.
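Before handing the configuration over, it helps to check the addresses entered in the steps above. The following is an added example, not part of the original post: it validates the VPC, subnet, on-premises and customer gateway values and models where traffic goes in the resulting route table (local route, 0.0.0.0/0 to the Internet Gateway, propagated on-premises CIDR to the Virtual Private Gateway). The function names `preflight`, `build_routes` and `next_hop` and all sample addresses are assumptions constructed for illustration.

```python
import ipaddress

RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def preflight(vpc_cidr, subnet_cidr, onprem_cidr, cgw_ip):
    """Return problems with the values typed into the console steps."""
    # ip_network() raises ValueError on malformed CIDRs or set host bits.
    vpc = ipaddress.ip_network(vpc_cidr)
    subnet = ipaddress.ip_network(subnet_cidr)
    onprem = ipaddress.ip_network(onprem_cidr)
    cgw = ipaddress.ip_address(cgw_ip)
    problems = []
    if not subnet.subnet_of(vpc):
        problems.append("subnet CIDR is outside the VPC CIDR")
    if onprem.prefixlen == 0:
        problems.append("on-premises CIDR collides with the 0.0.0.0/0 Internet Gateway route")
    elif onprem.overlaps(vpc):
        problems.append("on-premises CIDR overlaps the VPC CIDR")
    if any(cgw in net for net in RFC1918):
        problems.append("customer gateway IP is a private (RFC 1918) address")
    return problems

def build_routes(vpc_cidr, onprem_cidr):
    """Route table as the walkthrough leaves it: local, IGW default, VGW propagated."""
    return [(ipaddress.ip_network(vpc_cidr), "local"),
            (ipaddress.ip_network("0.0.0.0/0"), "igw"),
            (ipaddress.ip_network(onprem_cidr), "vgw")]

def next_hop(routes, dest_ip):
    """Pick the target for dest_ip: local first, then longest prefix match."""
    dest = ipaddress.ip_address(dest_ip)
    matches = [(net, target) for net, target in routes if dest in net]
    if any(target == "local" for _, target in matches):
        return "local"  # a propagated VPN route never overrides the VPC local route
    return max(matches, key=lambda m: m[0].prefixlen)[1]

if __name__ == "__main__":
    # Constructed sample values, not taken from the post.
    print(preflight("10.0.0.0/16", "10.0.1.0/24", "192.168.0.0/16", "203.0.113.10"))
    routes = build_routes("10.0.0.0/16", "192.168.0.0/16")
    for ip in ("10.0.1.5", "192.168.5.9", "198.51.100.20"):
        print(ip, "->", next_hop(routes, ip))
```

An on-premises CIDR that overlaps the VPC CIDR resolves to `local` in this model, so those hosts would never be reached through the tunnel.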


 

REFERENCE

https://docs.aws.amazon.com/vpn/latest/s2svpn/SetUpVPNConnections.html

 

Thanks for reading this blog. We hope it was useful for learning the steps to configure the Site-to-Site VPN in AWS.
