VPC Connections
Build on your understanding of the AWS VPC by learning about key connections and networks.
AWS Site-to-Site VPN
By default, AWS resources can’t communicate with remote data centers. However, AWS allows us to configure an AWS Site-to-Site VPN connection between our private or corporate data centers and an AWS VPC.
To set up an AWS Site-to-Site VPN, we need the following:
- Virtual private gateway (VPG): A VPG is a VPN endpoint on the AWS side of a Site-to-Site VPN connection. It can only be attached to one VPC at a time.
- Customer gateway device: A physical device or software application on the data center side of the Site-to-Site VPN connection.
- Customer gateway: An AWS resource that provides information about a customer gateway device.
- Route propagation: Once the VPG and customer gateway are set up, we enable route propagation for the VPG in the VPC route table so that the AWS Site-to-Site VPN connection works.
Note: If we need to ping an EC2 instance from on-site servers, we have to allow inbound Internet Control Message Protocol (ICMP) traffic in the instance's security group.
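The components listed above, written as a CloudFormation template (an added example, not part of the original lesson). Parameter names, logical resource names, the BGP ASN and the choice of static routing are assumptions; the ICMP rule admits echo requests only from the on-premises range instead of from any source.

```yaml
AWSTemplateFormatVersion: "2010-09-09"
Parameters:                               # all names below are assumptions for this example
  VpcId: {Type: "AWS::EC2::VPC::Id"}
  RouteTableId: {Type: String}            # route table used by the instance's subnet
  InstanceSecurityGroupId: {Type: "AWS::EC2::SecurityGroup::Id"}
  CustomerGatewayIp: {Type: String}       # public IP of the on-premises gateway device
  OnPremCidr: {Type: String}              # data center range, e.g. 10.50.0.0/16 (constructed)
Resources:
  VirtualPrivateGateway:                  # VPN endpoint on the AWS side
    Type: AWS::EC2::VPNGateway
    Properties: {Type: ipsec.1}
  GatewayAttachment:                      # the gateway attaches to one VPC at a time
    Type: AWS::EC2::VPCGatewayAttachment
    Properties:
      VpcId: !Ref VpcId
      VpnGatewayId: !Ref VirtualPrivateGateway
  CustomerGateway:                        # AWS resource describing the on-premises device
    Type: AWS::EC2::CustomerGateway
    Properties:
      Type: ipsec.1
      BgpAsn: 65000
      IpAddress: !Ref CustomerGatewayIp
  VpnConnection:
    Type: AWS::EC2::VPNConnection
    Properties:
      Type: ipsec.1
      StaticRoutesOnly: true
      CustomerGatewayId: !Ref CustomerGateway
      VpnGatewayId: !Ref VirtualPrivateGateway
  OnPremRoute:                            # static route advertised over the tunnel
    Type: AWS::EC2::VPNConnectionRoute
    Properties:
      DestinationCidrBlock: !Ref OnPremCidr
      VpnConnectionId: !Ref VpnConnection
  RoutePropagation:                       # copies VPN routes into the VPC route table
    Type: AWS::EC2::VPNGatewayRoutePropagation
    DependsOn: GatewayAttachment
    Properties:
      RouteTableIds:
        - !Ref RouteTableId
      VpnGatewayId: !Ref VirtualPrivateGateway
  AllowPingFromOnPrem:                    # ICMP echo request (type 8), on-premises sources only
    Type: AWS::EC2::SecurityGroupIngress
    Properties:
      GroupId: !Ref InstanceSecurityGroupId
      IpProtocol: icmp
      FromPort: 8
      ToPort: -1
      CidrIp: !Ref OnPremCidr
```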