AWS Site-to-Site VPN

Extend your on-premises networks to the cloud

Why AWS Site-to-Site VPN?

AWS Site-to-Site VPN is a fully managed service that creates a secure connection between your data center or branch office and your AWS resources using IP Security (IPSec) tunnels. With Site-to-Site VPN, you can connect to both your Amazon Virtual Private Clouds (VPCs) and AWS Transit Gateway, and each connection uses two tunnels for increased redundancy.

For globally distributed applications, the Accelerated Site-to-Site VPN option provides even greater performance by working with AWS Global Accelerator to intelligently route your traffic to the nearest AWS network endpoint with the best performance.

Benefits

AWS Site-to-Site VPN delivers high availability by using two tunnels across multiple Availability Zones within the AWS global network. You can stream primary traffic through the first tunnel and use the second tunnel for redundancy — if one tunnel goes down, traffic continues to flow.

With AWS Site-to-Site VPN, you can connect to an Amazon VPC or AWS Transit Gateway the same way you connect to your on-premises servers. AWS Site-to-Site VPN establishes secure and private sessions using IP Security (IPSec).

The Accelerated Site-to-Site VPN option improves the performance of your VPN connection by working with AWS Global Accelerator. AWS Global Accelerator is used to intelligently route traffic to the nearest AWS network endpoint with the best performance.

AWS Site-to-Site VPN gives you visibility into local and remote network health, and monitors the reliability and performance of your VPN connections by integrating with Amazon CloudWatch.

Use cases

Application Migration

Moving applications to the cloud is easier with a Site-to-Site VPN connection between your network and the AWS cloud. You can host Amazon VPCs behind your corporate firewall and seamlessly move your IT resources without changing the way your users access these applications.

Secure communication between remote locations

You can use AWS Site-to-Site VPN connections to securely communicate between remote sites.