How can I configure a BGP route-based VPN between SonicWall and AWS?
03/26/2020
The following networks will be used for demonstration purposes during this article. Your networks may be different.
- LAN subnet: 10.50.30.0/24
- Public IP: 220.127.116.11
- LAN subnet: 10.13.1.0/24
- Public IP: 18.104.22.168
- BGP local ASN: 65000
- BGP remote ASN: 64512
- BGP peer IP: 169.254.116.78
- Tunnel interface IP: 169.254.116.77
- Login to the AWS portal at https://aws.amazon.com.
- Create a Virtual Private Gateway and associate it with the VPC.
- Create a Customer Gateway with routing set to Dynamic and the remote end's public IP address.
- Create a VPN connection, specify the Virtual Private Gateway and Customer Gateway, and use Download Configuration to get the settings to be used on the SonicWall.
- Login to the SonicWall firewall.
- Navigate to the VPN policy tab. We're using the latest SonicOS 6.5 firmware. Navigate to Manage | VPN | Base Settings. Click Add to create a new VPN policy.
- Give the VPN policy a name. We'll use the following settings.
- Policy Type: Tunnel Interface
- Authentication Method: IKE using Preshared Secret
- Click the Proposals tab and use the default IKEv2 proposals.
- Create the tunnel interface: navigate to Network | Interfaces.
- Enable Advanced Routing under Network | Routing | Settings, then configure BGP using the CLI.
admin@0040103538F8> config t
ARS BGP>router bgp 65000
neighbor 169.254.116.78 remote-as 64512
network 10.13.1.0 mask 255.255.255.0
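The following is an added example, not part of the original article or SonicWall's tooling: a pre-commit check that parses the BGP lines above and compares them with the demonstration addressing plan, so an unplanned `network` statement or a mistyped peer is caught before the session comes up. The names `PLAN`, `parse_stanza` and `check` are hypothetical, and the check assumes both inside addresses are hosts of one /30 taken from 169.254.0.0/16.

```python
import ipaddress
import re

# Values from the article's demonstration network.
PLAN = {"local_asn": 65000, "remote_asn": 64512,
        "peer_ip": "169.254.116.78", "tunnel_ip": "169.254.116.77",
        "advertise": {"10.13.1.0/24"}}

# The BGP lines from the article, as entered at the ARS BGP prompt.
STANZA = """router bgp 65000
neighbor 169.254.116.78 remote-as 64512
network 10.13.1.0 mask 255.255.255.0
"""

def parse_stanza(text):
    """Extract the ASN, neighbors and advertised networks from the stanza."""
    cfg = {"asn": None, "neighbors": {}, "networks": set()}
    for line in text.splitlines():
        line = line.strip()
        if m := re.fullmatch(r"router bgp (\d+)", line):
            cfg["asn"] = int(m[1])
        elif m := re.fullmatch(r"neighbor (\S+) remote-as (\d+)", line):
            cfg["neighbors"][m[1]] = int(m[2])
        elif m := re.fullmatch(r"network (\S+) mask (\S+)", line):
            cfg["networks"].add(str(ipaddress.ip_network(f"{m[1]}/{m[2]}")))
    return cfg

def check(cfg, plan):
    """Return a list of mismatches between the stanza and the plan."""
    problems = []
    if cfg["asn"] != plan["local_asn"]:
        problems.append(f"local ASN {cfg['asn']} != {plan['local_asn']}")
    if cfg["neighbors"] != {plan["peer_ip"]: plan["remote_asn"]}:
        problems.append(f"unexpected neighbors: {cfg['neighbors']}")
    # Assumption: both inside addresses are hosts of one /30 in 169.254.0.0/16.
    link = ipaddress.ip_network(plan["tunnel_ip"] + "/30", strict=False)
    peer, tun = (ipaddress.ip_address(plan[k]) for k in ("peer_ip", "tunnel_ip"))
    if not link.subnet_of(ipaddress.ip_network("169.254.0.0/16")):
        problems.append(f"{link} is not link-local")
    if peer == tun or not {peer, tun} <= set(link.hosts()):
        problems.append(f"{peer} and {tun} are not two hosts of {link}")
    extra = cfg["networks"] - plan["advertise"]
    if extra:
        problems.append(f"advertising unplanned prefixes: {sorted(extra)}")
    return problems

if __name__ == "__main__":
    print(check(parse_stanza(STANZA), PLAN) or "stanza matches plan")
```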