AWS deployment with VSX on-prem gateway

Question asked by Ole Jakobsen on Aug 15, 2018
Latest reply on Aug 16, 2018



I'm trying to do a deployment of CG in a AWS Transi VPC.


I have read the guides Transit VPC for AWS R80.10 Deployment Guide and CloudGuard for AWS - Transit VPC Architecture, I have watched the video Step by Step deployment of automated, multi hub Transit VPC.


One thing that is described in every guide is to make a VTI between the on-prem gateway via the Direct Connect (DC) to the gateways in the Transit VPC.


My challange is that the on-prem gateway that is used to connect to the DC is a VS on VSX where VTI is not supported. (See: VSX supported features on R75.40VS and above)


As I understand the VTI is primarily used with the BGP peering so the peers is directly connected.


Then my solution to the unsupported VTI on VSX is to use BGP multihop os I don't need the VTI.


Can any of you see any issues with this solution?


I'm looking forward to any reply to this question 



Ole J