docs.aws.amazon.com Open in urlscan Pro
13.224.103.77  Public Scan

Form analysis
0 forms found in the DOM

Text Content

SELECT YOUR COOKIE PREFERENCES

We use essential cookies and similar tools that are necessary to provide our
site and services. We use performance cookies to collect anonymous statistics so
we can understand how customers use our site and make improvements. Essential
cookies cannot be deactivated, but you can click “Customize cookies” to decline
performance cookies.

If you agree, AWS and approved third parties will also use cookies to provide
useful site features, remember your preferences, and display relevant content,
including relevant advertising. To continue without accepting these cookies,
click “Continue without accepting.” To make more detailed choices or learn more,
click “Customize cookies.”

Accept all cookiesContinue without acceptingCustomize cookies


CUSTOMIZE COOKIE PREFERENCES

We use cookies and similar tools (collectively, "cookies") for the following
purposes.


ESSENTIAL

Essential cookies are necessary to provide our site and services and cannot be
deactivated. They are usually set in response to your actions on the site, such
as setting your privacy preferences, signing in, or filling in forms.




PERFORMANCE

Performance cookies provide anonymous statistics about how customers navigate
our site so we can improve site experience and performance. Approved third
parties may perform analytics on our behalf, but they cannot use the data for
their own purposes.

Allow performance category
Allowed


FUNCTIONAL

Functional cookies help us provide useful site features, remember your
preferences, and display relevant content. Approved third parties may set these
cookies to provide certain site features. If you do not allow these cookies,
then some or all of these services may not function properly.

Allow functional category
Allowed


ADVERTISING

Advertising cookies may be set through our site by us or our advertising
partners and help us deliver relevant marketing content. If you do not allow
these cookies, you will experience less relevant advertising.

Allow advertising category
Allowed

Blocking some types of cookies may impact your experience of our sites. You may
review and change your choices at any time by clicking Cookie preferences in the
footer of this site. We and selected third-parties use cookies or similar
technologies as specified in the AWS Cookie Notice.

CancelSave preferences




UNABLE TO SAVE COOKIE PREFERENCES

We will only store essential cookies at this time, because we were unable to
save your cookie preferences.

If you want to change your cookie preferences, try again later using the link in
the AWS console footer, or contact support if the problem persists.

Dismiss


Contact Us
English


Create an AWS Account
 1. AWS
 2. ...
    
    
 3. Documentation
 4. AWS Whitepapers
 5. AWS Whitepaper

Feedback
Preferences


AMAZON VIRTUAL PRIVATE CLOUD CONNECTIVITY OPTIONS


AWS WHITEPAPER

 * Abstract
 * Introduction
 * Network-to-Amazon VPC connectivity options
    * AWS Site-to-Site VPN
    * AWS Transit Gateway + Site-to-Site VPN
    * AWS Direct Connect
    * AWS Direct Connect + AWS Transit Gateway
    * AWS Direct Connect + AWS Site-to-Site VPN
    * AWS Direct Connect + AWS Transit Gateway + AWS Site-to-Site VPN
    * AWS VPN CloudHub
    * AWS Transit Gateway + SD-WAN solutions
    * Software VPN

 * Amazon VPC-to-Amazon VPC connectivity options
    * VPC peering
    * AWS Transit Gateway
    * AWS PrivateLink
    * Software VPN
    * Software VPN-to-AWS Site-to-Site VPN

 * Software remote access-to-Amazon VPC connectivity options
    * AWS Client VPN
    * Software client VPN

 * Transit VPC
 * AWS Cloud WAN
 * Conclusion
 * Appendix A: High-Level HA architecture for software VPN instances
 * Contributors
 * Document revisions
 * Notices

AWS Direct Connect + AWS Transit Gateway + AWS Site-to-Site VPN - Amazon Virtual
Private Cloud Connectivity Options
AWSDocumentationAWS WhitepapersAWS Whitepaper
Additional resources


AWS DIRECT CONNECT + AWS TRANSIT GATEWAY + AWS SITE-TO-SITE VPN

PDFRSS

With AWS Direct Connect + AWS Transit Gateway + AWS Site-to-Site VPN, you can
enable end-to-end IPsec-encrypted connections between your networks and a
regional centralized router for Amazon VPCs over a private dedicated connection.

You can use AWS Direct Connect public VIFs to first establish a dedicated
network connection between your network to public AWS resources, such as AWS
Site-to-Site VPN endpoints. Once this connection is established, you can create
an IPsec connection to AWS Transit Gateway. The following figure illustrates
this option.

AWS Direct Connect, AWS Transit Gateway, and AWS Site-to-Site VPN (public VIF)

AWS Direct Connect, AWS Transit Gateway, and AWS Site-to-Site VPN (transit VIF)


Consider taking this approach when you want to simplify management and minimize
the cost of IPsec VPN connections to multiple Amazon VPCs in the same region,
with the low latency and consistent network experience benefits of a private
dedicated connection over an internet-based VPN. A BGP session is established
between AWS Direct Connect and your router using either the public or the
transit VIF. Another BGP session or a static route will be established between
AWS Transit Gateway and your router on the IPsec VPN tunnel.


ADDITIONAL RESOURCES


 * AWS Direct Connect virtual interfaces

 * Transit gateway VPN attachments

 * Requirements for customer gateway devices

 * Customer gateway devices tested with Amazon VPC

 * AWS Site-to-Site VPN – Private IP VPN with AWS Direct Connect

Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please
refer to your browser's Help pages for instructions.

Document Conventions
AWS Direct Connect + AWS Site-to-Site VPN
AWS VPN CloudHub
Did this page help you? - Yes

Thanks for letting us know we're doing a good job!

If you've got a moment, please tell us what we did right so we can do more of
it.



Did this page help you? - No

Thanks for letting us know this page needs work. We're sorry we let you down.

If you've got a moment, please tell us how we can make the documentation better.





DID THIS PAGE HELP YOU?

Yes
No
Provide feedback

NEXT TOPIC:

AWS VPN CloudHub

PREVIOUS TOPIC:

AWS Direct Connect + AWS Site-to-Site VPN

NEED HELP?

 * Connect with an AWS IQ expert 

PrivacySite termsCookie preferences
© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved.


ON THIS PAGE

 * Additional resources








A DIAGRAM SHOWING CREATING AN IPSEC CONNECTION.



Close



A DIAGRAM SHOWING DIRECT CONNECT, TRANSIT GATEWAY, AND SITE-TO-SITE VPN.



Close