I already searched through the Internet and read a lot of manuals but I cannot get a grip on the topic.
I want to create a VPN connection from my customer's checkpoint to my server that is located within my AWS VPC. The connection should be between, I guess it is an Internet gateway on the AWS side and my customer's checkpoint router.
The customer uses a checkpoint router with a public IP address. What I already know so far is that I need to create a customer gateway with my customer's public IP address - this is what I did.
Now I do not get it straight. Do I need the following setup:
VPC: which IP: public or private? Instance: public or private IP? Internet gateway or virtual private gateway, and which IP (public or private) for IGW or VPG?
In reality I would need a router/gateway with NAT and then I can create a VPN from my customer's checkpoint to my router. But I do not really understand how I have to configure it in AWS.
Maybe someone has an easy-to-follow setup tutorial or can describe to me what to do exactly?
Thank you very much in advance
If the customer is not already in AWS, there are multiple ways for VPN:
You say that you want the third option: A custom can be set up in various ways and is only partially related to AWS. But I think that "checkpoint" is actually this device? If that is the case, you can use AWS Site-To-Site VPN (which is IPsec-based) and you should be able to connect it with this guide (AWS supports Checkpoint Gaia >=R80.10+).
Note that AWS Site-To-Site VPN is billed hourly when provisioned, even if not connected/used.
If you really need the third option, a custom Site-To-Site VPN, then you have to do the following: