Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1652
Views
0
Helpful
2
Replies

Merging Two subnet into one subnet

vickyiht001
Level 1
Level 1

‎07-25-2017 06:40 AM

Hi guys,

We are just going with AWS (Amazone Web Service) and we have multiple subnet in our networks. And we are facing  issue in multiple subnet to connect with AWS at a time. so i just came to know with one blogs AWS has a limitation to connect multiple subnet. Please refer this url: 

https://stackoverflow.com/questions/37054532/aws-vpn-routing-to-multiple-subnets

Our Subnet is : 192.168.0.0/24

                          192.168.2.0/24

Need a quick support on this.

Labels:
0 Helpful
2 Replies 2

Aditya Ganjoo
Cisco Employee
Cisco Employee

‎07-25-2017 07:33 AM

Hi,

According to this link:

https://cloud.google.com/compute/docs/vpn/advanced#security_associations_and_multiple_subnets

AWS cloud VPN creates a single child security association (SA) announcing all CIDR blocks associated with the tunnel. ASA only supports creating a unique child SA for each CIDR block and tunnels with multiple CIDR blocks can fail to establish.

The only workaround is to aggregate the CIDRs into a single larger CIDR so that AWS creates a single SA.

Regards,

Aditya

Please rate helpful and mark correct answers

0 Helpful

Georg Pauwen
VIP
VIP

‎07-25-2017 01:48 PM

Hello,

in addition to Aditya's post, what are you looking for, the aggregate for your two blocks ?  That would be 192.168.0.0/22.

You can announce that to AWS's BGP AS by creating a null route:

ip route 192.168.0.0 255.255.252 null 0

and then announce that in your BGP:

network 192.168.0.0 mask 255.255.252.0

0 Helpful
Customers Also Viewed These Support Documents