Route table configurations for AWS Network Firewall

To include the firewall in your Amazon Virtual Private Cloud VPC, you modify the VPC route tables so that the traffic that you want the firewall to filter passes through the firewall endpoints. Exactly how you do this depends on your architecture and the traffic that you want to filter. For example, to filter all traffic between an internet gateway and your customer subnets, you redirect incoming traffic from the internet gateway and outgoing traffic from the customer subnets through the firewall endpoint.

For information about managing route tables for your VPC, see Route tables in the Amazon Virtual Private Cloud User Guide.

For descriptions of common architectures for AWS Network Firewall, with example route table configurations, see AWS Network Firewall example architectures with routing.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

How Network Firewall filters network traffic

Considerations for asymmetric routing