Site-to-Site VPN Connections: VPC, IGW, Subnets, RT, VPG, CG
Create a VPC first.
Create an IGW and attach it to the VPC.
Create subnets.
Create the route tables.
Now open the Routes tab of the route table and click Edit routes. Add a route with destination 0.0.0.0/0 and the Internet gateway as its target, which gives the subnet open network access.
Commands to use:
Log in as ec2-user:
$ sudo su
Install openswan:
$ yum install openswan -y
$ vim /etc/ipsec.conf
$ vim /etc/sysctl.conf
    net.ipv4.ip_forward = 1
    net.ipv4.conf.all.accept_redirects = 0
    net.ipv4.conf.all.send_redirects = 0
$ service network restart
2. Command for
$ vim /etc/ipsec.d/aws-vpn.conf
Here you will change four things: leftid, right, leftsubnet and rightsubnet. Open the configuration document you downloaded and take the leftid and right values from there.
conn Tunnel1
    authby=secret
    auto=start
    left=%defaultroute
    # Customer gateway public IP
    leftid=15.237.72.38
    # Virtual private gateway IP
    right=3.8.241.247
    type=tunnel
    ikelifetime=8h
    keylife=1h
    phase2alg=aes128-sha1;modp1024
    ike=aes128-sha1;modp1024
    keyingtries=%forever
    keyexchange=ike
    # Local network behind this gateway
    leftsubnet=10.2.0.0/16
    # Remote network behind the virtual private gateway
    rightsubnet=10.1.0.0/16
    dpddelay=10
    dpdtimeout=30
    dpdaction=restart_by_peer
3.
$ vim /etc/ipsec.d/aws-vpn.secrets
Format: <Customer Gateway IP> <Virtual Private Gateway IP>: PSK "<Pre Shared Key>"
15.237.72.38 3.8.241.247: PSK "_oXntP8v2rsVt5E2F3H81qwZxS293GZt"
4.
$ chkconfig ipsec on
$ service ipsec start
$ service ipsec status
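The script below is an added example, not part of the original walkthrough: a read-only audit of the two files edited in steps 2 and 3. It checks that the secrets entry names the same endpoints as leftid/right, that the PSK uses plain ASCII quotes, that the secrets file is owner-only, and that no 1024-bit DH group is configured. The function names, the sample addresses and the dummy key are constructed for illustration.

```shell
#!/bin/sh
# Added example: read-only audit of aws-vpn.conf and aws-vpn.secrets.

# conf_value FILE KEY: print the first "KEY=value" value, whitespace trimmed.
conf_value() {
    sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*\(.*[^[:space:]]\)[[:space:]]*$/\1/p" "$1" | head -n 1
}

# audit_vpn CONF SECRETS: print findings; exit status is the number of findings.
audit_vpn() {
    conf=$1; secrets=$2; findings=0
    leftid=$(conf_value "$conf" leftid)
    right=$(conf_value "$conf" right)
    # 1. The secrets entry must name the same endpoint pair as leftid/right.
    if ! awk -v l="$leftid" -v r="$right" \
        '$1 == l && $2 == r ":" && $3 == "PSK" { ok = 1 } END { exit !ok }' "$secrets"
    then
        echo "MISMATCH: no PSK entry for $leftid $right"; findings=$((findings + 1))
    fi
    # 2. ipsec.secrets expects the PSK in plain ASCII double quotes.
    if grep -q -e '“' -e '”' "$secrets"; then
        echo "QUOTES: typographic quotes in $secrets"; findings=$((findings + 1))
    fi
    # 3. The PSK file should be accessible to its owner only (mode 600 or 400).
    if [ "$(ls -ld "$secrets" | cut -c5-10)" != "------" ]; then
        echo "PERMS: $secrets is accessible to group or others"; findings=$((findings + 1))
    fi
    # 4. modp1024 is the 1024-bit Diffie-Hellman group (group 2).
    if grep -Eq '^[[:space:]]*(ike|phase2alg)[[:space:]]*=.*modp1024' "$conf"; then
        echo "WEAK: 1024-bit DH group (modp1024) in $conf"; findings=$((findings + 1))
    fi
    return "$findings"
}

# Constructed sample files (documentation addresses, dummy key) for a dry run.
demo() {
    d=$(mktemp -d)
    printf 'conn Tunnel1\n\tleftid= 203.0.113.10\n\tright=198.51.100.20\n\tike=aes128-sha1;modp1024\n' > "$d/aws-vpn.conf"
    printf '203.0.113.10 198.51.100.20: PSK “constructed-dummy-key”\n' > "$d/aws-vpn.secrets"
    chmod 644 "$d/aws-vpn.secrets"
    rc=0; audit_vpn "$d/aws-vpn.conf" "$d/aws-vpn.secrets" || rc=$?
    rm -rf "$d"
    return "$rc"
}

demo || echo "findings: $?"
```

To audit the real files, run audit_vpn /etc/ipsec.d/aws-vpn.conf /etc/ipsec.d/aws-vpn.secrets as root.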
End