4- AWS VGW to SRX on customer premises


Quick Configs: Juniper - AWS IPsec Site-to-Site VPN


Create a secure link (IPsec tunnel) between the AWS VPC and the on-premises DC.


AWS - Creating VPN - Customer & Virtual Private Gateway



1- Create a VPC (CIDR must not overlap the on-premises DC address range)

2- Associate a Security Group with the VPC

3- Create a Customer Gateway or cGW (points to the remote SRX)

  1. Static: Name, public IP address of SRX/DC GW
  2. Dynamic (using BGP): Name, public IP address of SRX/DC GW, AS# (eBGP session?)

3- Create a Virtual Private Gateway or vGW (points to internal AWS infrastructure)

  1. Attach to VPC

4- Create a VPN Connection

  1. Name
  2. One side: attach to the vGW (points to internal AWS infrastructure)
  3. Other side: attach to the cGW (points to the remote SRX)
  4. Static route for the remote DC (private IP addresses of the DC) or Dynamic (BGP will exchange the DC IP addresses)
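
A pre-flight check of the addressing plan before creating the gateways and the VPN connection, as an added example that is not part of the original notes. The function names (`preflight`, `is_rfc1918`), the AS numbers and all sample addresses are constructed for illustration; the check is IPv4 only.

```python
import ipaddress

RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_rfc1918(net):
    """True if the network (or /32 host) lies wholly inside RFC 1918 space."""
    return any(net.subnet_of(block) for block in RFC1918)

def preflight(vpc_cidr, dc_prefixes, cgw_ip, cgw_asn=None, vgw_asn=None):
    """Return a list of problems in the VPN addressing plan (empty list = OK)."""
    problems = []
    vpc = ipaddress.ip_network(vpc_cidr)
    dc_nets = [ipaddress.ip_network(p) for p in dc_prefixes]

    # VPC creation: an overlapping CIDR makes routing ambiguous, because the
    # VPC's own range covers addresses that should be reached via the tunnel.
    for net in dc_nets:
        if vpc.overlaps(net):
            problems.append(f"VPC {vpc} overlaps DC prefix {net}")

    # Customer gateway: must be the public address of the SRX/DC gateway,
    # not an inside interface address.
    if is_rfc1918(ipaddress.ip_network(cgw_ip)):
        problems.append(f"customer gateway {cgw_ip} is a private address")

    # Static routing: the routes on the VPN connection are the DC's
    # private prefixes.
    for net in dc_nets:
        if not is_rfc1918(net):
            problems.append(f"static route {net} is not a private DC prefix")

    # Dynamic routing: an eBGP session needs different AS numbers per side.
    if cgw_asn is not None and cgw_asn == vgw_asn:
        problems.append(f"AS {cgw_asn} on both sides is iBGP, not eBGP")
    return problems

# Constructed sample plans (documentation and private ranges only).
GOOD = preflight("10.20.0.0/16", ["192.168.10.0/24"], "203.0.113.10", 65010, 64512)
BAD = preflight("192.168.0.0/16", ["192.168.10.0/24"], "192.168.1.1", 65010, 65010)

if __name__ == "__main__":
    print("good plan:", GOOD or "no problems")
    for problem in BAD:
        print("bad plan :", problem)
```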


5- vSRX configuration

vsrxipsec root / juniper123

#load factory-default

set system root-authentication plain-text-password #then enter juniper123
set system host-name vsrxipsec