Today we are setting up a VPN between an onsite SonicWall and AWS.
- Log into your AWS account and navigate to your VPC
- Scroll down and navigate to VPN Connections -> Customer Gateways
- Click on Create Customer Gateway
- Name it, configure the routing and assign it the external IP address of your SonicWall (IP of the WAN interface)
- Navigate to VPN Connections -> Virtual Private Gateways and create a new Virtual Private Gateway and attach it to the VPC
- Navigate to VPN Connections -> VPN Connections and create a new VPN Connection.
- Go to ‘Route Tables’ and add the private local route
- If all worked fine so far, go back to VPN Connections and download the Config File for the SonicWall. It has to be the generic one, as there is no specific one for SonicWall.
- You are done in AWS for now. Take a coffee break… :o)
- Log into your SonicWall and navigate to:
VPN -> Settings -> VPN Policies -> Add…
Set up a VPN:
IPSec Primary Gateway: AWS Tunnel 1 IP
Shared Secret: see the downloaded generic documentation (open in Word!)
Local IKE: Ext IP from SonicWall
Peer IKE: Same as IPSec Gateway
- Set up the proposal accordingly:
- Set up the Advanced settings accordingly:
- Go to VPN -> Advanced and disable NAT Traversal
- Go to Network -> Routing and configure a new route for the VPN.
- Go to Firewall -> Access Rules and create a new rule for the AWS VPN
(VPN -> LAN and LAN -> VPN)
- Check in both AWS and SonicWall that the tunnel is up, and check the firewalls. Once that is done, start pinging from local to AWS and vice versa to confirm all is good.
All done :o)
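
The AWS side of the final check, as an added example that is not part of the original post: a Python script that reads the JSON from `aws ec2 describe-vpn-connections --output json` and reports whether the connection is usable. The sample data, IDs and addresses are constructed placeholders; because the steps above configure only AWS Tunnel 1, a second tunnel that is DOWN is reported but not treated as a failure.

```python
import json
import sys

# Constructed sample in the shape of `aws ec2 describe-vpn-connections --output json`.
# IDs, IPs and CIDRs are placeholders, not values from the post.
SAMPLE = {
    "VpnConnections": [{
        "VpnConnectionId": "vpn-EXAMPLE",
        "State": "available",
        "Options": {"StaticRoutesOnly": True},
        "Routes": [{"DestinationCidrBlock": "192.168.1.0/24", "State": "available"}],
        "VgwTelemetry": [
            {"OutsideIpAddress": "203.0.113.10", "Status": "UP", "StatusMessage": ""},
            {"OutsideIpAddress": "203.0.113.20", "Status": "DOWN",
             "StatusMessage": "IPSEC IS DOWN"},
        ],
    }]
}


def check_vpn(doc):
    """Return (usable, findings). usable is True when every connection is
    available, has at least one UP tunnel and, if static, an available route."""
    conns = doc.get("VpnConnections", [])
    if not conns:
        return False, ["no VPN connections in input"]
    usable, findings = True, []
    for conn in conns:
        cid = conn.get("VpnConnectionId", "?")
        if conn.get("State") != "available":
            usable = False
            findings.append(f"{cid}: connection state is {conn.get('State')}")
        tunnels = conn.get("VgwTelemetry", [])
        for t in tunnels:  # report every tunnel that is not UP, with AWS's reason
            if t.get("Status") != "UP":
                reason = t.get("StatusMessage") or "no message"
                findings.append(f"{cid}: tunnel {t.get('OutsideIpAddress')} "
                                f"is {t.get('Status')} ({reason})")
        if not any(t.get("Status") == "UP" for t in tunnels):
            usable = False
            findings.append(f"{cid}: no tunnel is UP")
        static = conn.get("Options", {}).get("StaticRoutesOnly", False)
        if static and not any(r.get("State") == "available"
                              for r in conn.get("Routes", [])):
            usable = False
            findings.append(f"{cid}: static routing but no available route")
    return usable, findings


if __name__ == "__main__":
    data = json.load(open(sys.argv[1])) if len(sys.argv) > 1 else SAMPLE
    ok, notes = check_vpn(data)
    print("usable" if ok else "NOT usable", *notes, sep="\n - ")
```

Save the CLI output to a file and pass its path as the first argument; without an argument the script runs on the constructed sample.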