4- AWS VGW to SRX on customer premises
Quick Configs Juniper - AWS IPsec Site to Site VPN
Create a secure link ( IPsec tunnel) between AWS's VPC and On premise DC.
AWS - Creating VPN - Customer & Virtual Private Gateway
1- Create a VPC ( CIDR not overlapping onpremise DC Address )
2- Associate a Security Group with VPC
3- create a Customer gateway or cGW ( point to remote SRX )
- Static: Name, Public IP@ of SRX/DC GW
- Dynamic: using BGP: Name, Public IP@ of SRX/DC GW, AS# ( eBGP session ? )
3- Create a Virtual Private Gateway or vGW ( point to internal AWS infrastructure )
- Attach to VPC
4- Create a VPN Connection
- Name,
- one side: attach to vGW ( point to internal AWS infrastructure )
- other side: attach to cGw ( point to remote SRX )
- Static route or the remote DC ( Private IP@ of DC ) or Dynamic ( BGP will exchange DC IP@ )
5- vSRX configuration
vsrxipsec root / juniper123
#load factory-default
set system root-authentication plain-text-password #then enter juniper123
set system host-name vsrxipsec