Example: Route analysis with a middlebox configuration

If you've configured a VPC to act as a middlebox appliance for inspecting traffic that flows to other parts of your network, you can indicate the location of the appliance in the route analysis. In the following example, the transit gateway has two VPC attachments and a VPN attachment. VPC A runs a firewall appliance (middlebox) that inspects the traffic that flows between the VPN connection and VPC B.

In the Route Analyzer, you can specify the location of the middlebox appliance as follows:

Under Source, specify the transit gateway and the VPN attachment. Specify an IP address from the range of the on-premises network, for example, 10.0.0.7.
Under Destination, specify the transit gateway and the attachment for VPC B. Specify an IP address from the CIDR block of VPC B, for example, 172.31.0.8.
For Middlebox appliance?, choose Include.
Run the route analysis.
For the Middlebox appliance? sections for the transit gateway attachment for VPC A, choose Yes.

You can choose the ID of any resource in the path to view more information about that resource.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions