Create a transit gateway attachment to a VPN using Amazon VPC Transit Gateways
To create a VPN attachment using the console
- Open the Amazon VPC console at https://console.aws.amazon.com/vpc/.
- On the navigation pane, choose Transit Gateway Attachments.
- Choose Create transit gateway attachment.
- For Transit gateway ID, choose the transit gateway for the attachment. You can choose a transit gateway that you own.
- For Attachment type, choose VPN.
- For Customer Gateway, do one of the following:
  - To use an existing customer gateway, choose Existing, and then select the gateway to use.
    If your customer gateway is behind a network address translation (NAT) device that's enabled for NAT traversal (NAT-T), use the public IP address of your NAT device, and adjust your firewall rules to unblock UDP port 4500.
  - To create a customer gateway, choose New, then for IP Address, type a static public IP address and BGP ASN.
    For Routing options, choose whether to use Dynamic or Static. For more information, see Site-to-Site VPN Routing Options in the AWS Site-to-Site VPN User Guide.
- For Tunnel Options, enter the CIDR ranges and pre-shared keys for your tunnel. For more information, see Site-to-Site VPN architectures.
- Choose Create transit gateway attachment.
To create a VPN attachment using the AWS CLI
Use the create-vpn-connection command.
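
As an added example (not taken from the AWS documentation), the shell helpers below check the tunnel options from the Tunnel Options step before passing them to create-vpn-connection. The function names, opts.json, and the tgw-EXAMPLE and cgw-EXAMPLE IDs are placeholders, and the pre-shared key and inside CIDR rules encoded here are assumptions to confirm against the current AWS Site-to-Site VPN User Guide.

```shell
# Added example. PSK rules checked: 8-64 chars, alphanumeric plus "." and "_",
# no leading 0.
valid_psk() {
  case $1 in 0*|*[!A-Za-z0-9._]*) return 1 ;; esac
  [ "${#1}" -ge 8 ] && [ "${#1}" -le 64 ]
}

# Draw a 32-character PSK from the kernel CSPRNG instead of typing one.
gen_psk() {
  _psk=0
  while ! valid_psk "$_psk"; do
    _psk=$(LC_ALL=C tr -dc 'A-Za-z0-9._' </dev/urandom | head -c 32)
  done
  printf '%s\n' "$_psk"
}

# Inside CIDR rules checked: an aligned /30 in 169.254.0.0/16 that is not
# one of the ranges AWS reserves.
valid_inside_cidr() {
  case $1 in
    169.254.[0-5].0/30|169.254.169.252/30) return 1 ;;  # reserved
    169.254.*.*/30) ;;
    *) return 1 ;;
  esac
  _rest=${1#169.254.}; _rest=${_rest%/30}
  case $_rest in .*|*.|*.*.*|*[!0-9.]*|0[0-9]*|*.0[0-9]*) return 1 ;; esac
  _third=${_rest%%.*}; _fourth=${_rest#*.}
  [ "$_third" -le 255 ] && [ "$_fourth" -le 252 ] && [ $((_fourth % 4)) -eq 0 ]
}

# Args: static-routes-only(true|false) cidr1 psk1 cidr2 psk2 (CIDRs must differ)
vpn_options_json() {
  case $1 in true|false) ;; *) return 1 ;; esac
  valid_inside_cidr "$2" && valid_psk "$3" &&
    valid_inside_cidr "$4" && valid_psk "$5" && [ "$2" != "$4" ] || return 1
  _t='{"TunnelInsideCidr":"%s","PreSharedKey":"%s"}'
  printf "{\"StaticRoutesOnly\":%s,\"TunnelOptions\":[$_t,$_t]}\n" "$@"
}

# Args: tgw-id cgw-id options-file. Reading --options from a file keeps the
# PSKs out of argv and shell history.
create_tgw_vpn_attachment() {
  aws ec2 create-vpn-connection --type ipsec.1 \
    --transit-gateway-id "$1" --customer-gateway-id "$2" --options "file://$3"
}

# Usage (placeholder IDs): (umask 077; vpn_options_json false 169.254.10.0/30 \
#   "$(gen_psk)" 169.254.10.4/30 "$(gen_psk)" > opts.json)
# create_tgw_vpn_attachment tgw-EXAMPLE cgw-EXAMPLE opts.json
```

Delete opts.json once the connection exists, since it holds both pre-shared keys in clear text.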