Sorry, I don't know how to use a policy-based VPN to connect to an AWS VPC. Since all the vendors on the list are certified by AWS with route-based IPSec VPN, I just follow that way. My other connection to Microsoft Azure is also route-based.
Comments
First, the type of VPN connection should be "VPN tunnel interface".
If you created the VPN with another type, remove it and create it with the right type.
Then you can create the VTI interface and bind it to the VPN connection.
Then add a route to the AWS subnet and select the VTI interface as the next hop.
My exact points are:
- I don't want to create a tunnel, but a site-to-site-only VPN type. This way I cannot create a VTI because I don't have any tunnel.
- I am completely sure that the site-to-site type works, because until 2 weeks ago, before moving office, it was configured like this and it worked (but I didn't configure it).
So? I don't have any reply for me.
Do you?
Please.
Since all the vendors on the list are certified by AWS with route-based IPSec VPN,
I just follow that way. My other connection to Microsoft Azure is also route-based.
Thanks everyone,
I solved it.
I was forgetting to add a static route,
not only the security group and VPC.