Welcome to Aviatrix Docs¶
All Aviatrix product documentation can be found here. If you cannot find what you need, email us at support@aviatrix.com. Hats off to all who helped fix typos and mistakes. You can do that too by clicking the “Edit on GitHub” button on the top right corner of any document. Please also visit our main website for more information regarding use cases and upcoming events.
While all content is searchable, the site is organized into the following sections:
- Getting Started
- Onboarding and Accounts
- Gateway
- Next Gen Transit for AWS
- Next Gen Transit for Azure
- Firewall Network (FireNet)
- Transit DMZ
- Peering
- Site2Cloud
- OpenVPN®
- Security
- Useful Tools
- Settings
- Troubleshoot
- REST APIs
- Downloads
- Release Notes
- Tech Notes
- Good To Know
- Support Center
- IPmotion
Getting Started¶
Onboarding and Accounts¶
Next Gen Transit for AWS¶
- Next Gen Transit for AWS FAQ
- AWS Transit Gateway Orchestrator Plan
- AWS Transit Gateway Orchestrator Build
- AWS Transit Gateway Orchestrator Design Patterns
- Transit Gateway Peering
- Migrating a CSR Transit to Next Gen Transit for AWS
- Aviatrix Transit Gateway to External Devices
- High Performance Transit Network - Insane Mode
- Insane Mode Encryption Performance
- Global Transit Network Workflow Instructions (AWS/Azure)
- Transit VPC/VNET FAQ
- Transit Network Design Patterns
Next Gen Transit for Azure¶
Firewall Network (FireNet)¶
Transit DMZ¶
Security¶
Peering¶
Site2Cloud¶
- Site2Cloud FAQs
- Site2Cloud IPSec VPN Instructions
- Aviatrix Gateway to Azure VPN Gateway
- Aviatrix Gateway to Aviatrix Gateway
- Aviatrix Gateway to AWS VGW
- Aviatrix Gateway to Oracle DRG
- Aviatrix Gateway to Palo Alto Firewall
- Aviatrix Gateway to Check Point
- Aviatrix Gateway to Cisco ASA
- Aviatrix Gateway to Cisco IOS Router
- Aviatrix Gateway to pfSense
- Aviatrix Gateway to FortiGate
- Aviatrix Gateway to Meraki MX64
- Aviatrix Gateway to Meraki vMX100
- Aviatrix Gateway to Juniper SRX
- CloudN for Site2Cloud
- Site2Cloud Case Study
- Encryption over DirectConnect/ExpressRoute
- Connect Networks With Overlap CIDRs
OpenVPN®¶
- Configuring Aviatrix User SSL VPN
- Aviatrix OpenVPN® FAQs
- How do I launch a VPN gateway?
- How can I avoid managing multiple VPN user certs?
- How do I scale out VPN solution?
- How do I setup Okta authentication for VPN?
- How do I enable Geo VPN?
- How do I add a VPN user?
- What user devices are VPN client software supported?
- Is NAT capability supported on the gateway?
- Is full tunnel mode supported on the gateway?
- Can the maximum number of simultaneous connections to VPN gateway be configured?
- What is user profile based security policy?
- How do I setup profile based security policies?
- How do I assign a user to a profile?
- What if I want to change profile policies?
- How do I change a user’s profile programmatically?
- Is DUO multi-factor authentication supported?
- How do I configure LDAP authentication?
- Can I combine LDAP and DUO authentication?
- Is OKTA supported?
- How does Policy Based Routing (PBR) work?
- What are the monitoring capabilities?
- Does Aviatrix OpenVPN® solution support SAML client?
- When should I use the Aviatrix VPN client?
- Are multiple VPN configuration profiles supported by the Aviatrix VPN client?
- What is “Client Certificate Sharing”?
- How to fix Aviatrix VPN times out too quickly?
- Where do I find the log for the Aviatrix Client?
- Why can’t my VPN client access a newly created VPC?
- How to turn off NAT with OpenVPN® gateway?
- What IP Address is used for NAT’ing the VPN Clients?
- Aviatrix OpenVPN® Feature Highlights
- OpenVPN® Design for Multi VPCs
- VPN Access Gateway Selection by Geolocation of User
- UDP LoadBalanced VPN using DNS
- LDAP Configuration for Authenticating VPN Users
- Okta Authentication with Okta API Token
- Duo Authentication
- OpenVPN® with SAML Authentication
- OpenVPN® with SAML Authentication on Okta IDP
- OpenVPN® with SAML Authentication on Google IDP
- OpenVPN® with SAML Authentication on OneLogin IdP
- OpenVPN® with SAML Authentication on AWS SSO IdP
- OpenVPN® with SAML Authentication on Azure AD IdP
- OpenVPN® with SAML Authentication on Centrify IDP
- Anonymous Internet Surfing
- Developer’s Sandbox
- External PKI for OpenVPN Certificates
- VPN User Accelerator
Useful Tools¶
Settings¶
- Controller Backup and Restore
- Controller HA in AWS
- Inline Software Upgrade
- Logging
- Emails and Alert Configuration
- Advanced Config
- Controller LDAP Login Configuration
- Netflow Integration
- AWS CloudWatch Integration
- Aviatrix Controller Login with SAML Authentication
- Controller Certificate Management
- FIPS 140-2 Module
Troubleshoot¶
Downloads¶
Release Notes¶
Tech Notes¶
- Auto Booting CloudN VM Using ISO File
- Hybrid Network Load Balancing (NLB)
- Datadog Integration
- Launch Aviatrix Controller Manually
- Using Aviatrix to Build a Site to Site IPsec VPN Connection
- Aviatrix Controller Security for SAML auth based VPN Deployment
- How to Connect Office to Multiple AWS VPCs with AWS Peering
- Site2Cloud With Customized SNAT
- Site2Cloud with NAT to fix overlapping VPC subnets
- Site2Cloud to a Public IP Address
- Connecting Meraki Network to Aviatrix Transit Network
- Reserve For On-Prem Use
- Deploying Spoke without Programming RFC1918 Routes
- AWS Managed Microsoft AD for Aviatrix
- Insane Mode POC Instructions
- Extending Your vmware Workloads to Public Cloud
- How to Build a Zero Trust Cloud Network Architecture with Aviatrix
- AWS Global Transit Network
- Egress Transit VPC / Central NAT Gateway
- Connect to Floating IP Addresses in Multiple AWS AZs
- Egress NAT to a Pool of IP Addresses
- AWS Transit Gateway Route Limit Test Validation
- Transit Gateway ECMP for DMZ Deployment Limitation Test Validation
- AWS Transit Gateway Orchestrator
- High Performance Encryption with InsaneMode
Good To Know¶
Support Center¶