06-03-2019 03:13 PM
I am trying to set up an IPsec tunnel between an ASA-V in one VPC and a CSR in another VPC using the VTI-VPN (route-based VPN) with IKEv2.
I understand I need to get connectivity between the two tunnel interfaces in order to set up the VTI-VPN, but I am not finding any documentation on how to do that in AWS. I cannot add an IP of an existing subnet as it overlaps, and if I add another private address out of an unused subnet it has no connectivity as AWS does not know anything about it.
TLDR: How do I get connectivity between two tunnel interfaces on an ASA-V / CSR in two different VPCs in AWS?
06-03-2019 06:23 PM
Are you building the tunnels separately from the source and destination where the communication needs to flow? You don't want the tunnel knowing about the traffic it is tunneling. Try setting up loopbacks and make them your source and destination endpoints; this way, if something happens to the interfaces, the loopbacks should still be there.
06-04-2019 08:28 AM