Connect your VPC to remote networks using AWS Virtual Private Network
You can connect your VPC to remote networks and users using the following VPN connectivity options.
| VPN connectivity option | Description |
|---|---|
| AWS Site-to-Site VPN | You can create an IPsec VPN connection between your VPC and your remote network. On the AWS side of the Site-to-Site VPN connection, a virtual private gateway or transit gateway provides two VPN endpoints (tunnels) for automatic failover. You configure your customer gateway device on the remote side of the Site-to-Site VPN connection. For more information, see the AWS Site-to-Site VPN User Guide. |
| AWS Client VPN | AWS Client VPN is a managed client-based VPN service that enables you to securely access your AWS resources or your on-premises network. With AWS Client VPN, you configure an endpoint to which your users can connect to establish a secure TLS VPN session. This enables clients to access resources in AWS or on-premises from any location using an OpenVPN-based VPN client. For more information, see the AWS Client VPN Administrator Guide. |
| AWS VPN CloudHub | If you have more than one remote network (for example, multiple branch offices), you can create multiple AWS Site-to-Site VPN connections via your virtual private gateway to enable communication between these networks. For more information, see Providing secure communication between sites using VPN CloudHub in the AWS Site-to-Site VPN User Guide. |
| Third party software VPN appliance | You can create a VPN connection to your remote network by using an Amazon EC2 instance
in your VPC that's running a third party software VPN appliance. AWS does
not provide or maintain third party software VPN appliances; however, you
can choose from a range of products provided by partners and open source
communities. Find third party software VPN appliances on the AWS Marketplace |
You can also use AWS Direct Connect to create a dedicated private connection from a remote network to your VPC. You can combine this connection with an AWS Site-to-Site VPN to create an IPsec-encrypted connection. For more information, see What is AWS Direct Connect? in the AWS Direct Connect User Guide.
