Configure AWS route tables to use NetFoundry gateway for egress to Azure Virtual WAN

AWS allows you to specify network routes so that the NetFoundry Gateway will pass traffic from your Branch VPC to the Azure Virtual WAN or another network. For the Gateway's network interface to do this, IP forwarding must be enabled in AWS. This feature is disabled by default and must be enabled to pass traffic for unknown networks. IP forwarding has already been enabled on your pre-built NetFoundry image.

______________________________________________________________________________________________

Log into the AWS Portal: https://console.aws.amazon.com

 

Create the static routing entry.

 

These instructions assume your servers reside in the same VPC subnet as your NetFoundry Gateway.

Create the route table in the VPC subnet of your NetFoundry Gateway and associated hosts. 

 

1. Select and copy the Instance ID of your NetFoundry Gateway.


 

 

2. Select VPC from the main menu list of Services. 

 


 

 

3. Select the subnet in which the Gateway and host reside. Then select the Route Table tab and make sure the subnet is associated with the default routing table. If the subnet is not listed, edit the route table association to add it.

 


 

4. Select Route Tables from the VPC Dashboard on the left panel. Select the Subnet by highlighting it and the summary information will be displayed below. Choose the Routes tab to explore the current routing configuration. 

 


 

5. Hit Edit and select "Add another route". Supply the following information and hit Save.

- Provide the network address of the remote network in CIDR notation, e.g. 8.0.0.0/8.

- Paste the Instance ID copied in step 1 into the Target box.

 

6. Next, enable IP forwarding on the Gateway by disabling its source/destination check. This allows the Gateway to pass packets for unknown networks.

- Return to the "Running EC2 instances" dashboard page.

- Select the Gateway instance and hit Actions > Networking > Change Source/Dest Check.

- Hit Yes, Disable.

- Test your connections.
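
To confirm steps 5 and 6 took effect, the following added example (not NetFoundry's code) audits saved output of `aws ec2 describe-route-tables` and `aws ec2 describe-instances`. The function name `audit` and all IDs are hypothetical placeholders, the sample data is constructed, and IPv4 CIDRs are assumed; it also flags any instance other than the Gateway that has the source/destination check disabled.

```python
import ipaddress

# Constructed sample data in the shape returned by `aws ec2 describe-route-tables`
# and `aws ec2 describe-instances`; every ID below is a placeholder.
ROUTE_TABLES = {"RouteTables": [{
    "RouteTableId": "rtb-EXAMPLE",
    "Associations": [{"SubnetId": "subnet-EXAMPLE", "Main": False}],
    "Routes": [
        {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
        {"DestinationCidrBlock": "8.0.0.0/8", "InstanceId": "i-GATEWAY", "State": "active"},
    ]}]}
INSTANCES = {"Reservations": [{"Instances": [
    {"InstanceId": "i-GATEWAY", "SourceDestCheck": False},
    {"InstanceId": "i-HOST", "SourceDestCheck": True},
]}]}

def audit(route_tables, instances, subnet_id, gateway_id, remote_cidr):
    """Return a list of findings; an empty list means the setup matches the steps."""
    findings = []
    remote = ipaddress.ip_network(remote_cidr)
    tables = route_tables["RouteTables"]
    # Prefer the table explicitly associated with the subnet, else the VPC main table.
    table = next((t for t in tables if any(
        a.get("SubnetId") == subnet_id for a in t.get("Associations", []))), None)
    if table is None:
        table = next((t for t in tables if any(
            a.get("Main") for a in t.get("Associations", []))), None)
    if table is None:
        return [f"no route table found for {subnet_id}"]
    # The remote network must be covered by a route that targets the Gateway instance.
    routes = [r for r in table["Routes"] if "DestinationCidrBlock" in r
              and remote.subnet_of(ipaddress.ip_network(r["DestinationCidrBlock"]))
              and r.get("InstanceId") == gateway_id]
    if not routes:
        findings.append(f"no route for {remote_cidr} targets {gateway_id}")
    elif all(r.get("State") != "active" for r in routes):
        # AWS marks a route "blackhole" when its target instance is unavailable.
        findings.append(f"route to {gateway_id} is not active (blackhole)")
    for reservation in instances["Reservations"]:
        for inst in reservation["Instances"]:
            disabled = inst.get("SourceDestCheck") is False
            if inst["InstanceId"] == gateway_id and not disabled:
                findings.append(f"{gateway_id} still has source/dest check enabled")
            elif inst["InstanceId"] != gateway_id and disabled:
                findings.append(f"{inst['InstanceId']} has source/dest check disabled")
    return findings
```
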

 
