The Ops Community ⚙️

Pritesh Bhoi
AWS Site-to-Site VPN introduces Private IP VPNs

AWS Site-to-Site VPN now supports IPsec VPN connections over AWS Direct Connect using private IP addresses. This lets customers encrypt Direct Connect traffic between their on-premises network and AWS without needing public IP addresses, which improves the security and privacy of the connection.

AWS Site-to-Site VPN is a fully managed service that creates a secure connection between your data center or branch office and your AWS resources using IP Security (IPsec) tunnels. Until now, the tunnel endpoints had to use public IP addresses, even when connecting on-premises networks to a VPC over Direct Connect. Many customers require strong encryption of their Direct Connect traffic and are not permitted to use public IP addresses for this communication. With this launch, you can use private IP addresses (RFC 1918) for the IPsec VPN tunnel endpoints over Direct Connect, so that traffic between AWS and your on-premises network is both encrypted and never exposed on public addresses. This improves your overall security posture and helps you meet security and compliance requirements.

To get started, create a private IP VPN connection over a Direct Connect gateway and set the outside IP address type to private IP. You must specify the Transit Gateway Direct Connect attachment that will carry the traffic for this private IP VPN connection as its transport. Traffic between AWS and your remote network can then be routed over the private IP VPN connection either dynamically using BGP or by configuring static routes in the Transit Gateway route tables.

This feature is available through the AWS Management Console, the Amazon Command Line Interface (Amazon CLI) and the Amazon Software Development Kit (Amazon SDK). Private IP VPN support is available in all AWS Regions where AWS Site-to-Site VPN is available. A private IP VPN connection is priced the same as a regular Site-to-Site VPN connection.
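The setup steps above, as an added example that is not part of the original post or of any AWS tooling: a small POSIX shell script that checks the customer gateway address is actually RFC 1918 (the whole point of a private IP VPN) and then assembles the two AWS CLI calls, `create-customer-gateway` and `create-vpn-connection` with the `OutsideIpAddressType=PrivateIpv4` and `TransportTransitGatewayAttachmentId` options of the EC2 CreateVpnConnection API. All resource IDs, the ASN and the address are placeholders; the script prints the commands rather than running them.

```shell
#!/bin/sh
# Added example: build (not run) the AWS CLI calls for a private IP Site-to-Site VPN
# over a Direct Connect transit gateway attachment. IDs/ASN/IP are placeholders.

# Return 0 when the dotted-quad address lies in an RFC 1918 block, 1 otherwise.
is_rfc1918() {
  case "$1" in
    10.*)                                   return 0 ;;
    172.1[6-9].*|172.2[0-9].*|172.3[01].*)  return 0 ;;
    192.168.*)                              return 0 ;;
    *)                                      return 1 ;;
  esac
}

# Print the create-customer-gateway call. The customer gateway is the on-premises
# IPsec endpoint; for a private IP VPN its address must be private, so refuse
# anything outside RFC 1918 instead of silently creating a public endpoint.
build_cgw_cmd() {                     # args: <cgw-private-ip> <bgp-asn>
  if ! is_rfc1918 "$1"; then
    echo "refusing: $1 is not RFC 1918; private IP VPN needs a private address" >&2
    return 1
  fi
  printf 'aws ec2 create-customer-gateway --type ipsec.1 --ip-address %s --bgp-asn %s\n' "$1" "$2"
}

# Print the create-vpn-connection call that attaches the VPN to a transit gateway
# and carries it over the named Transit Gateway Direct Connect attachment.
build_vpn_cmd() {                     # args: <cgw-id> <tgw-id> <tgw-dx-attachment-id>
  printf 'aws ec2 create-vpn-connection --type ipsec.1 --customer-gateway-id %s --transit-gateway-id %s --options OutsideIpAddressType=PrivateIpv4,TransportTransitGatewayAttachmentId=%s\n' \
    "$1" "$2" "$3"
}

# Usage with constructed placeholder values (real IDs come from your account).
build_cgw_cmd 10.20.30.40 65000 && \
build_vpn_cmd cgw-PLACEHOLDER tgw-PLACEHOLDER tgw-attach-PLACEHOLDER
```

Routing over the new connection (BGP or static routes in the transit gateway route table) is configured separately once the connection is up.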
