With an Amazon VPC VPN connection, the user's network or data centers are linked to the Amazon virtual private cloud (VPC). The anchor on the Amazon side is called the virtual private gateway, and the anchor on the user's side is called the customer gateway.
There are two tunnels that connect the customer gateway to the virtual private gateway. If one of the tunnels fails or is taken down for regular maintenance, the VPN connection automatically switches to the second tunnel to avoid interruptions. The customer gateway can be a physical device or a software application.
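The failover described above only helps while both tunnels are healthy, so a connection running on a single tunnel is worth alerting on. As an added example (not part of the original article), this Python check reads the per-tunnel `VgwTelemetry` status from a `describe-vpn-connections` response and flags connections that have lost redundancy; the sample response, its IDs and its addresses are constructed placeholders.

```python
import json

# Constructed sample shaped like `aws ec2 describe-vpn-connections` output.
# IDs are placeholders and addresses come from documentation ranges.
SAMPLE = json.loads("""
{"VpnConnections": [
  {"VpnConnectionId": "vpn-EXAMPLE1", "State": "available",
   "VgwTelemetry": [
     {"OutsideIpAddress": "203.0.113.10", "Status": "UP"},
     {"OutsideIpAddress": "203.0.113.11", "Status": "UP"}]},
  {"VpnConnectionId": "vpn-EXAMPLE2", "State": "available",
   "VgwTelemetry": [
     {"OutsideIpAddress": "198.51.100.20", "Status": "UP"},
     {"OutsideIpAddress": "198.51.100.21", "Status": "DOWN"}]},
  {"VpnConnectionId": "vpn-EXAMPLE3", "State": "available",
   "VgwTelemetry": [
     {"OutsideIpAddress": "192.0.2.30", "Status": "DOWN"},
     {"OutsideIpAddress": "192.0.2.31", "Status": "DOWN"}]},
  {"VpnConnectionId": "vpn-EXAMPLE4", "State": "deleted", "VgwTelemetry": []}
]}
""")


def tunnel_redundancy(response):
    """Map each active VPN connection to (level, list of tunnel IPs not UP)."""
    findings = {}
    for conn in response.get("VpnConnections", []):
        if conn.get("State") != "available":
            continue  # skip pending, deleting and deleted connections
        tunnels = conn.get("VgwTelemetry", [])
        down = [t.get("OutsideIpAddress", "unknown")
                for t in tunnels if t.get("Status") != "UP"]
        up = len(tunnels) - len(down)
        if up >= 2:
            level = "OK"
        elif up == 1:
            level = "DEGRADED"  # traffic still flows, but no failover path is left
        else:
            level = "OUTAGE"
        findings[conn["VpnConnectionId"]] = (level, down)
    return findings


if __name__ == "__main__":
    for vpn_id, (level, down) in tunnel_redundancy(SAMPLE).items():
        print(f"{vpn_id}: {level} down={down}")
```
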
The connectivity options that have been tested and found suitable for your VPC include:
1. Internet gateways. An internet gateway provides a target in the VPC route tables for internet-routable traffic and performs network address translation (NAT). Internet gateways support both IPv4 and IPv6 addresses.
2. The corporate data center using a hardware VPN connection. Generally, the instances that are used in the VPC cannot communicate with your remote network. To enable this, a virtual private gateway must be attached to the VPC to create an AWS managed VPN connection.
3. Both of the above.
4. AWS services like internet gateway, virtual private gateway, VPC endpoints, NAT, etc. Instances in a private subnet can be connected to the internet or any other AWS service using a NAT. The NAT gateway does not support IPv6 traffic.
5. VPC peering connections. A VPC peering connection connects two VPCs so that traffic can be routed between them privately. VPC peering connections can be built between your VPC and a VPC in another AWS account, or with a VPC in a different Amazon Web Services location. A VPC peering connection is created using the existing infrastructure of a VPC and does not use any new hardware.