Networking & Content Delivery

Category: AWS VPN

Prevent VPN traffic leaks with Client VPN Route Enforcement in AWS Client VPN

Prevent VPN traffic leaks with Client VPN Route Enforcement in AWS Client VPN

Unintended traffic leaks are a real risk when you rely on remote connectivity to access cloud resources, so maintaining VPN routing integrity on connected devices is essential. When a device connects through a VPN, the administrator-defined routes instruct the operating system to direct specific traffic through the encrypted tunnel. However, those routes can be altered […]

Phased AWS Transit Gateway to AWS Cloud WAN Migration with Terraform and Network MCP Server

Phased AWS Transit Gateway to AWS Cloud WAN Migration with Terraform and Network MCP Server

Migrate from AWS Transit Gateway to AWS Cloud WAN across multiple Regions using a six-phase Terraform approach with AWS Network MCP Server validation

Intelligent VPN observability: Decoding AWS Site-to-Site VPN logs

When an AWS Site-to-Site VPN connection degrades, you sift through hundreds of log entries, correlate Border Gateway Protocol (BGP) state transitions with Internet Key Exchange (IKE) phase changes and decide whether the cause is a prefix quota violation, an autonomous system (AS) path loop, or a hold timer expiry. That repetitive manual work prolongs recovery. […]

Private connectivity patterns for Amazon Bedrock AgentCore Gateway Targets

Private connectivity patterns for Amazon Bedrock AgentCore Gateway Targets

Private connectivity from AgentCore Gateway to your targets reduces compliance scope and simplifies auditing making it a common requirement in regulated environments. Whether your targets run inside an Amazon Virtual Private Cloud (Amazon VPC), across AWS accounts, in other AWS Regions, on-premises, or in multicloud environments, you need connectivity patterns that keep traffic off the public internet […]

Migrate from Static Routing to Dynamic BGP Routing on AWS Site-to-Site VPN

Migrate from Static Routing to Dynamic BGP Routing on AWS Site-to-Site VPN

Introduction AWS Site-to-Site (S2S) VPN is a fully managed service that enables you to establish secure connections between your on-premises networks and AWS using IP Security (IPSec) tunnels. When configuring these connections AWS Site-to-Site (S2S) VPN offers two routing options: static and dynamic routing with Border Gateway Protocol (BGP). While static routing offers simplicity for […]

Selecting the Right AWS VPN Solution: A Decision Framework

Introduction This post is intended for networking engineers and architects evaluating AWS VPN options (200-level content). It assumes familiarity with basic AWS networking concepts such as virtual private clouds (VPCs), virtual private gateways (VGWs), and transit gateways (TGWs). If you are new to AWS VPN, the AWS VPN User Guide provides foundational context. Organizations implementing […]

Introducing AWS Client VPN native AWS Transit Gateway attachment

AWS Client VPN now supports native attachment to AWS Transit Gateway, eliminating the need for a dedicated hosting VPC. This post walks through how to configure the integration, preserve source IP addresses end-to-end without SNAT, and centralize remote access across multiple VPCs and on-premises networks in a multi-account architecture.

LexisNexis Risk Solutions success story: Enhancing global connectivity with AWS Cloud WAN

In this post, we review how LexisNexis Risk Solutions modernized their Amazon Web Services (AWS) network by migrating from a legacy Transit Virtual Private Cloud (Transit VPC) architecture to a highly resilient global backbone network built with AWS Cloud WAN. We also dive deep into how AWS Cloud WAN helped LexisNexis Risk Solutions achieve streamlined […]

Streamline AWS Client VPN usage reporting with Amazon CloudWatch Logs Insights queries

Streamline AWS Client VPN usage reporting with Amazon CloudWatch Logs Insights queries

AWS Client VPN is a managed client-based VPN service that enables you to securely access your Amazon Web Services (AWS) resources and resources in your on-premises network. Amazon CloudWatch Logs Insights allows you to interactively search and analyze your log data in Amazon CloudWatch Logs. You can perform queries to help you more efficiently and […]

AWS Site-to-Site VPN and eero make remote connectivity for disctributed sites simpler

AWS Site-to-Site VPN and eero make remote connectivity for distributed sites simpler

Amazon Web Services (AWS) is working with eero to make it simpler and more convenient for organizations to establish secure connectivity between their remote sites and AWS in just a few clicks. The integration of AWS Site-to-Site VPN with eero’s devices enables organizations to scale site connectivity across many locations faster and more efficient, without requiring […]