Configuring Encrypted Peering
Aviatrix provides a point-and-click solution to create an encrypted tunnel between two VPC/VNets. The two VPC/VNets can be in the same region, in different regions (inter-region), or in different clouds (inter-cloud).
This guide helps you configure an encrypted peering.
- At the Gateway menu, create a gateway in an existing VPC/VNet.
- Repeat step 1 for a different VPC/VNet.
- To enable Peering HA, go to Peering > Encrypted Peering > New peering, and select the two gateways launched in the previous two steps.
- Select Enable HA if you wish to build a backup encrypted tunnel for HA.
- Note that you must first create two respective backup gateways prior to this step.
- To launch backup gateways, go to the Gateway page, select the gateway, click Edit, at the Gateway for High Availability Peering field, select one subnet (public in AWS, GCP, and OCI), and click Create.
- Go to Peering > Encrypted Peering and click New Peering to peer the two gateways.
If the two gateways have Insane Mode Encryption enabled, the Controller automatically creates an AWS VPC Peering (PCX)/Azure VNet Peering and establishes high performance encrypted peering between the two gateways.
AWS VPC Peering
The Aviatrix Controller integrates native AWS VPC Peering for both intra-region and inter-region peering, where it is available. Cross-account peering is also supported. The Controller simplifies AWS VPC Peering by integrating route table programming and combining the requester and acceptor actions into one step. You can also decide which route tables participate in the AWS VPC Peering.
To configure:
- Go to Peering > AWS Peering > New Peering.
- Select the account, region, and VPC.
- You can choose to build the peering for the entire VPC or select individual route tables.
- Click OK.
Azure VNET Peering
The Aviatrix Controller integrates native Azure VNET Peering for both intra-region and inter-region peering. Cross-subscription peering is also supported as long as both subscriptions are onboarded to the Controller.
To configure:
- Go to Peering > Azure Peering > New Peering.
- Select the subscription, region, and VNET.
- Click OK.
MultiCloud Peering
MultiCloud Peering is configured the same way as Encrypted Peering: launch two gateways in a VPC or VNet, then follow the Encrypted Peering steps to complete the configuration.