VPC TE note (VPN (software VPN (microsoft or checkpoint, Support open…
VPC TE note
VPN
  direct connect
    AWS Direct Connect provides a dedicated private connection from a remote network to your VPC.
    Direct Connect can be combined with an AWS hardware VPN connection to create an IPsec-encrypted connection.
  hardware VPN
    Connectivity can be established by creating an IPsec hardware VPN connection between the VPC and the remote network.
    On the AWS side of the VPN connection, a Virtual Private Gateway (VGW) provides two VPN endpoints for automatic failover.
    On the customer side, a customer gateway (CGW) needs to be configured; this is the physical device or software application on the remote side of the VPN connection.
firewall
  NACL
    Default network ACL: by default, it allows all inbound and outbound IPv4 traffic and, if applicable, IPv6 traffic.
    You can create a custom network ACL and associate it with a subnet. By default, each custom network ACL denies all inbound and outbound traffic until you add rules.
    Each subnet in your VPC must be associated with a network ACL. If you don't explicitly associate a subnet with a network ACL, the subnet is automatically associated with the default network ACL.
    You can associate a network ACL with multiple subnets. However, a subnet can be associated with only one network ACL at a time. When you associate a network ACL with a subnet, the previous association is removed.
    A network ACL contains a numbered list of rules. AWS evaluates the rules in order, starting with the lowest numbered rule, to determine whether traffic is allowed in or out of any subnet associated with the network ACL. The highest number that you can use for a rule is 32766. AWS recommends that you start by creating rules in increments (for example, increments of 10 or 100) so that you can insert new rules where you need to later on.
    A network ACL has separate inbound and outbound rules, and each rule can either allow or deny traffic.
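Added example, not part of the original note: a small Python simulator of network ACL rule evaluation over a constructed rule set. It shows that rules are walked from the lowest number upward (so an allow at rule 120 is shadowed by a deny at rule 110), that traffic matching no rule falls through to the implicit final deny rule, and that inbound and outbound rules are checked separately because network ACLs are stateless. The rule numbers, CIDRs and ports are assumptions made for the example.

```python
import ipaddress

MAX_RULE_NUMBER = 32766  # highest rule number AWS allows, per the note above

# Rule tuple: (rule_number, protocol, port_from, port_to, cidr, action).
# For inbound rules the CIDR is the source; for outbound rules it is the destination.
# The rule sets below are constructed for this example, not taken from the note.
INBOUND = [
    (100, "tcp", 443, 443, "0.0.0.0/0", "allow"),      # HTTPS from anywhere
    (110, "tcp", 22, 22, "0.0.0.0/0", "deny"),         # block SSH from anywhere ...
    (120, "tcp", 22, 22, "203.0.113.0/24", "allow"),   # ... so this allow is shadowed by 110
    (140, "tcp", 1024, 65535, "0.0.0.0/0", "allow"),   # ephemeral ports for returning traffic
]
OUTBOUND = [
    (100, "tcp", 1024, 65535, "0.0.0.0/0", "allow"),   # replies to inbound requests
    (110, "tcp", 443, 443, "0.0.0.0/0", "allow"),      # outbound HTTPS
]


def evaluate(rules, protocol, port, address):
    """Return (rule_number, action) of the first matching rule, walking the rules
    from the lowest number upward; ("*", "deny") is the implicit final rule."""
    addr = ipaddress.ip_address(address)
    for number, proto, low, high, cidr, action in sorted(rules, key=lambda r: r[0]):
        if not 1 <= number <= MAX_RULE_NUMBER:
            raise ValueError(f"rule number {number} outside 1..{MAX_RULE_NUMBER}")
        if proto not in ("all", protocol) or not low <= port <= high:
            continue
        if addr not in ipaddress.ip_network(cidr):
            continue
        return number, action
    return "*", "deny"


def connection_allowed(client_ip, service_port, client_port, protocol="tcp"):
    """Network ACLs are stateless: the request is checked against the inbound
    rules and the reply is checked separately against the outbound rules."""
    _, request = evaluate(INBOUND, protocol, service_port, client_ip)
    _, reply = evaluate(OUTBOUND, protocol, client_port, client_ip)
    return request == "allow" and reply == "allow"


if __name__ == "__main__":
    print(evaluate(INBOUND, "tcp", 22, "203.0.113.5"))   # (110, 'deny'): rule 120 is never reached
    print(connection_allowed("198.51.100.7", 443, 50000))  # True
```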