AWS Site-to-Site VPN
User Guide

Site-to-Site VPN Configuration Examples

The following diagrams illustrate single and multiple Site-to-Site VPN connections. The VPC has an attached virtual private gateway, and your remote network includes a customer gateway, which you must configure to enable the Site-to-Site VPN connection. You set up the routing so that any traffic from the VPC bound for your network is routed to the virtual private gateway.

When you create multiple Site-to-Site VPN connections to a single VPC, you can configure a second customer gateway to create a redundant connection to the same external location. You can also use it to create Site-to-Site VPN connections to multiple geographic locations.

Single Site-to-Site VPN Connection


            VPN layout

Single Site-to-Site VPN Connection with a Transit Gateway


                  Single Site-to-Site VPN Connection with a Transit Gateway

Multiple Site-to-Site VPN Connections


            Multiple Site-to-Site VPN layout

Multiple Site-to-Site VPN Connections with a Transit Gateway


                    Multiple Site-to-Site VPN connections with a Transit Gateway