Azure – inter-cloud vpn tunneling (AWS and Azure)

amazon-vpcamazon-web-servicesazureazure-networkingsite-to-site-vpn

I'm trying to establish a VPN site-to-site between a VPC in Amazon Web Services and a VNet in Microsoft Azure. For that I'd like to use AWS' Virtual Private Gateway on one side and Azure's Virtual Network Gateway on the other side. Is that possible? I mean they both use IPsec but are the Gateways compatible? I appreciate the help.

Best Answer

This is now possible and I have documented it here.

Notes:

It works out of the box. Just setup each side, make the settings match (IP addresses and IP address spaces for the VPC and VNet) and Bob's your uncle.
You can setup dual tunnels (AWS) and active-active (Azure).
BGP configuration is still not possible to be matched: AWS uses the tunnel's internal addresses while Azure does not have that concept and hardcodes the last available IP in the GatewaySubnet. Those two things are incompatible, so BGP can't be established with only the native gateways.

Best Answer

Related Solutions

amazon-web-services azure site-to-site-vpn – How to Create a VPN Link Between Azure VNET and AWS VPC

Azure – Use AWS private DNS from Azure through site-to-site VPN

Related Topic