EC2 VPC VPN Update – NAT Traversal, Additional Encryption Options, and More

Posted on: Oct 28, 2015

We have released four new features for our VPC VPN product. Starting today, the VPN product supports AES 256, SHA-2, additional Diffie-Hellman groups, and NAT Traversal. In addition to those new features, you can also re-use your Customer Gateway (CGW) IP address. You no longer need a unique IP address for each connection you create.

To take advantage of these features on any VPN tunnel, including the reusable CGW IP address, you first need to create a new Virtual Gateway (VGW), then create new tunnels with these attributes. You do not need to configure anything in the AWS console to use them. You control which options are used, for example AES 256 and SHA 256, in your own VPN device's configuration.