VPC Connections

Build on your understanding of the AWS VPC by learning about key connections and networks.

AWS Site-to-Site VPN

By default, AWS resources can’t communicate with remote data centers. However, AWS allows us to configure an AWS Site-to-Site VPN connection between our private or corporate data centers and an AWS VPC.

To set up an AWS Site-to-Site VPN, we need the following:

  • Virtual private gateway (VPG): A VPG is a VPN endpoint on the AWS side of a Site-to-Site VPN connection. It can only be attached to one VPC at a time.
  • Customer gateway device: A physical device or software application on the data center side of the Site-to-Site VPN connection.
  • Customer gateway: An AWS resource that provides information about a customer gateway device.
  • Route propagation: Once the VPG and customer gateway are set up, we enable route propagation for the VPG in the VPC route table so that the VPN routes are added to it and the AWS Site-to-Site VPN connection can work.

Note: If we need to ping an EC2 instance from on-site servers, we have to allow inbound Internet Control Message Protocol (ICMP) traffic in the instance's security group.
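
The components listed above, together with the ICMP rule from the note, written as a CloudFormation template. This is an added example, not part of the course: the parameter and resource names are hypothetical, the BGP ASN is a placeholder, static routing is assumed, and the ping rule is scoped to the on-premises range instead of all sources.

```yaml
# Added example: names, the ASN and all parameter values are assumptions.
AWSTemplateFormatVersion: "2010-09-09"
Parameters:
  VpcId: {Type: "AWS::EC2::VPC::Id"}
  RouteTableId: {Type: String}        # route table used by the subnets that reach on-premises
  InstanceSecurityGroupId: {Type: "AWS::EC2::SecurityGroup::Id"}
  CustomerGatewayIp: {Type: String}   # public IP of the customer gateway device
  OnPremCidr: {Type: String}          # address range of the data center
Resources:
  Vpg:                                # VPN endpoint on the AWS side
    Type: AWS::EC2::VPNGateway
    Properties: {Type: ipsec.1}
  VpgAttachment:                      # a VPG is attached to one VPC at a time
    Type: AWS::EC2::VPCGatewayAttachment
    Properties:
      VpcId: !Ref VpcId
      VpnGatewayId: !Ref Vpg
  Cgw:                                # AWS resource describing the customer gateway device
    Type: AWS::EC2::CustomerGateway
    Properties:
      Type: ipsec.1
      IpAddress: !Ref CustomerGatewayIp
      BgpAsn: 65000                   # placeholder private ASN
  Vpn:
    Type: AWS::EC2::VPNConnection
    Properties:
      Type: ipsec.1
      CustomerGatewayId: !Ref Cgw
      VpnGatewayId: !Ref Vpg
      StaticRoutesOnly: true
  OnPremRoute:                        # static route to the data center over the VPN
    Type: AWS::EC2::VPNConnectionRoute
    Properties:
      VpnConnectionId: !Ref Vpn
      DestinationCidrBlock: !Ref OnPremCidr
  Propagation:                        # VPG routes are propagated into the VPC route table
    Type: AWS::EC2::VPNGatewayRoutePropagation
    DependsOn: VpgAttachment          # the VPG must be attached before propagation is enabled
    Properties:
      RouteTableIds: [!Ref RouteTableId]
      VpnGatewayId: !Ref Vpg
  PingFromOnPrem:                     # inbound ping, from the data center range only
    Type: AWS::EC2::SecurityGroupIngress
    Properties:
      GroupId: !Ref InstanceSecurityGroupId
      IpProtocol: icmp
      FromPort: 8                     # ICMP type 8 (echo request)
      ToPort: -1                      # any ICMP code
      CidrIp: !Ref OnPremCidr
```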
