AWS Network design and VPN configuration

Gergo Vadasz

Cloud Infrastructure Architect

Cloud Security Engineer

DevOps Engineer

AWS

AWS VPC

AWS VPN

Project details:

I was the network architect who designed the network and configured the IPsec VPN with the on-prem partner.
The client asked me to help set up the site-to-site VPN with their on-prem partner, from the client's AWS environment. However, as it turned out after I reviewed the current AWS network setup, we needed to make design changes to have a better network.
I created a couple of subnets as per AWS design recommendations. I created private and public subnets, with the appropriate route tables and security groups. I created an additional CIDR, since the existing CIDR was not acceptable from the partner side, so we couldn't create the site-to-site VPN due to overlapping networks.
I created a private NAT Gateway with the new CIDR, so the partner was able to accept traffic from our side. I set up the site-to-site VPN towards the partner's physical firewall.
I created a public NAT Gateway as well, in order to provide internet access to various Lambda functions.
I created the appropriate route tables and security groups, and eventually I created a comprehensive network drawing with an explanation, so the client will be able to use it in the future.

Posted May 2, 2024

Fixing AWS environment network setup and creating IPsec VPN from AWS towards on-prem client networks.
