AWS VPN configuration questions for TZ 670 running 7.0.1-5119
I have reviewed the documentation regarding configuring AWS VPN on this firewall to allow multiple remote firewalls to access/be accessed by AWS resources.
The current AWS console configuration options are NOT storyboarded in the documentation, and offer many more options than are covered in the instructions.
This is what I see as options in my VPC for configuring a VPN. Each requires certs.
What we need is a step-by-step walkthrough of what sort of VPN to make, where to get the certs, what authentication to use, and how to set up the addressing and routing.
Category: Entry Level Firewalls
I created a policy group in AWS for "firewalls" and gave them the permissions described in this article.
Then I created a user per firewall and put them in the group.
Then I created an access key for that user.
Then I put that access key and private key in the configuration section of the firewall. Yes, I downloaded the CSV and copy/pasta'd the key pair directly into the boxes. They are correct. But they fail, and AWS shows them as never being invoked.
Pro tip:
When using NSM, the test will "run" prior to deploying the config and fail.
If you DEPLOY the config, then test, it works.