AWS Certified Solutions Architect - Professional 2020

Sign Up Free or Log In to participate!

Establishing VPN over Direct Connect

According to the link below, to establish a VPN over a direct connect connection, we always have to use public VIFs, Why is that the case? Are we not able to use private VIFs? 

I understand that private VIFs are used to connect to private IPs, while public VIFs are used for public IPs(for eg S3)

In that case, why do we always have to use public VIFs when establishing VPN over a Direct Connect connection?

1 Answers

For the AWS managed VPN, it needs to be terminated at VGW on the AWS side. VGW provides 2 VPN endpoints for each of the VPN connection, and these VPN endpoints are public IP endpoints that can be reached over the internet or over the public VIF.

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?