AWS Site-to-Site VPN Infographic
Networking & Content Delivery

AWS Site-to-Site VPN

Securely connect your on-premises network to the cloud using encrypted IPsec tunnels over the public internet.

The Core Components

What you need to establish a secure connection

Customer Gateway

The physical device or software application on your side of the Site-to-Site VPN connection.

Virtual Private Gateway

The VPN endpoint on the Amazon side of your Site-to-Site VPN connection.

IPsec Tunnels

Two encrypted tunnels for high availability, ensuring traffic flows even if one fails.

Routing Options

Support for both Static routing and Dynamic routing via Border Gateway Protocol (BGP).

How It Works

A visual representation of the encrypted data flow

Diagram: ON-PREMISES (Customer Gateway) <-> PUBLIC INTERNET <-> AWS CLOUD (Virtual Private Gateway)

1. Initiate a connection from your Customer Gateway using a public IP address.

2. AWS establishes two tunnels for redundancy, encrypting data with IKE/IPsec protocols.

3. Traffic is routed to your VPC resources securely as if they were on your local network.

Fast Setup

Provision in minutes via AWS Console or CLI.

Managed Security

AWS handles the heavy lifting of VPN maintenance.

CloudWatch Integration

Monitor tunnel status and data throughput.

Cost-Effective

Low hourly rate + data transfer charges.
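
The two-tunnel redundancy and tunnel-status monitoring described above can be checked from the output of `aws ec2 describe-vpn-connections`. The following is an added example, not part of the original infographic or any AWS code; the connection IDs and IP addresses are constructed placeholders, and flagging an up tunnel with zero accepted routes on a BGP connection is a heuristic assumed here.

```python
import json

# Constructed sample shaped like `aws ec2 describe-vpn-connections` output.
# IDs and addresses are placeholders (documentation ranges), not real resources.
SAMPLE = json.loads("""
{"VpnConnections": [
  {"VpnConnectionId": "vpn-EXAMPLE-A", "Options": {"StaticRoutesOnly": false},
   "VgwTelemetry": [{"OutsideIpAddress": "203.0.113.10", "Status": "UP", "AcceptedRouteCount": 4},
                    {"OutsideIpAddress": "203.0.113.20", "Status": "UP", "AcceptedRouteCount": 4}]},
  {"VpnConnectionId": "vpn-EXAMPLE-B", "Options": {"StaticRoutesOnly": false},
   "VgwTelemetry": [{"OutsideIpAddress": "198.51.100.10", "Status": "UP", "AcceptedRouteCount": 0},
                    {"OutsideIpAddress": "198.51.100.20", "Status": "DOWN", "AcceptedRouteCount": 0}]},
  {"VpnConnectionId": "vpn-EXAMPLE-C", "Options": {"StaticRoutesOnly": true},
   "VgwTelemetry": [{"OutsideIpAddress": "192.0.2.10", "Status": "DOWN", "AcceptedRouteCount": 0},
                    {"OutsideIpAddress": "192.0.2.20", "Status": "DOWN", "AcceptedRouteCount": 0}]}
]}
""")

def assess(conn):
    """Classify one VPN connection by how many of its two tunnels are up."""
    tunnels = conn.get("VgwTelemetry", [])
    up = [t for t in tunnels if t.get("Status") == "UP"]
    if not up:
        level, findings = "OUTAGE", ["no tunnel is up"]
    elif len(up) < 2:
        down = [t["OutsideIpAddress"] for t in tunnels if t.get("Status") != "UP"]
        level, findings = "DEGRADED", ["redundancy lost, tunnel down: " + ", ".join(down)]
    else:
        level, findings = "OK", []
    # Heuristic (assumption of this example): on a dynamic (BGP) connection,
    # a tunnel that is UP but reports zero accepted routes deserves a look.
    if not conn.get("Options", {}).get("StaticRoutesOnly", False):
        for t in up:
            if t.get("AcceptedRouteCount", 0) == 0:
                findings.append(f"{t['OutsideIpAddress']} is up but has 0 BGP routes")
                level = "DEGRADED" if level == "OK" else level
    return level, findings

def report(doc):
    """Map each VPN connection ID to its (level, findings) assessment."""
    return {c["VpnConnectionId"]: assess(c) for c in doc["VpnConnections"]}

if __name__ == "__main__":
    for vpn_id, (level, findings) in report(SAMPLE).items():
        print(vpn_id, level, "; ".join(findings) or "both tunnels up")
```

A connection that still passes traffic on one tunnel reports as DEGRADED rather than OK, which is the state that tends to go unnoticed until the second tunnel fails.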

AWS Educational Series

“The bridge between your data center and the future.”
