Site2Site VPN (Amazon - Company)
We're running a firewall cluster based on R77.30 and what to setup a IPsec VPN tunnel with Amazon VPC
But there's a known issue with R77.30 and VTI's
If CoreXL is disabled we see a very High CPU usuage.
That's why we want to setup an IPSec without VTI's, instead of updating to R88.10 first.
When downloading the Configuration file from Amazon:
- Vendor: Generic
- Platform: Generic
- Software: Vendor Agnostic
Within the config file there's a part about the Inside IP Address
|The Customer Gateway inside IP address should be configured on your tunnel|
|Outside IP Addresses:|
- Customer Gateway : a.b.c.d.
- Virtual Private Gateway : z.y.x.w
Inside IP Addresses
- Customer Gateway : 169.254.22.106/30
- Virtual Private Gateway : 169.254.22.105/30
How can I configure the inside Customer Gateway and Inside Virtual Private Gateway without using VTI's ?
The following SK article has been followed (sk113840)