Configuring traffic redirection to a Cloud Gateway

Prerequisites

The following prerequisites describes the necessary configuration actions in AWS for the Cloud gateways the SD-WAN Application will connect to.

AWS

•

Your administrator should create an IAM user with programmatic access on the AWS account. Both Access Key ID and Secret Access Key values needed to create a Cloud Access object in the SD-WAN Orchestrator are generated when you create an IAM user in AWS.

•

The required IAM policy describes the programmatic access set of permissions, i.e. the actions the SD-WAN Application can execute:

•

The two types of AWS managed gateways, i.e. Virtual Private Gateways and Transit Gateways are supported and must be configured with dynamic routing (BGP activated).

•

The AS number is unique for each AWS gateway and should not conflict with the AS number range used for the SD-WAN overlay.

•

Routing between VPCs and gateways is managed by you.

Procedure

1

Create and manage Cloud Access objects.

2

Optionally modify the selection of regions related to the chosen Cloud Access object and define tunnel parameters.

3

Connect the selected Spoke appliance to the Cloud Gateway:

•

AWS

4

Configure cloud connection parameters.

Depending on the gateway, two tunnels are created after you have defined the appropriate parameters in both the SD-WAN Application and in AWS.