The configuration guide for the AWS end of the Site-to-Site VPN tunnel.
The following describes precisely how to do each of these steps in such a way that the AWS side of the VPN connection will behave as expected.
First, you'll need to create a virtual private gateway and attach it to the existing AWS VPC. **** This gateway that will act as a VPN concentrator on the AWS side.
From the VPC creation screen in your AWS account, navigate to Virtual private network (VPN) -> Virtual private gateways.
The "virtual private gateways" link.
Select the orange Create virtual private gateway button in the upper right-hand corner to begin configuring the gateway. This will lead you to the configuration screen, as shown below.
The virtual private gateway creation screen.
After the virtual private gateway has been created, attach the gateway to the VPC by selecting Actions -> Attach to VPC.
The "Attach to VPC" option in the "Actions" menu.
Select the VPC to which you'd like the gateway to be attached. Then, click Attach to VPC.
Second "Attach to VPC" configuration screen.
Next, using the inputs described below to configure the VPN, you'll need to initialize the Site-to-Site VPN connection on the AWS side.
Navigate to Virtual private network (VPN) -> Site-to-Site VPN Connections.
The "Site-to-Site VPN Connections" option under "Virtual private network (VPN)".
Select the orange Create VPN connection button in the upper right hand corner of the screen. This will launch the configuration screen for the VPN connection.
Options will be configured as shown in the screenshot and detailed in the table below.
The "Details" section of the new Site-to-Site VPN connection configuration menus.
This will be the IP address of your CoreWeave VPN, however configuring this is at the time of this guide's writing comes with a bit of a catch.
At this time, there is no way to get the AWS tunnel endpoint IP before going through all steps, so the following workaround must be employed**.**
- 1.A random IP must be added as the IP address for the first pass of these steps.
- 3.After the CoreWeave VPN has been created and you have taken note of the IP assigned to your CoreWeave VPN, create a new AWS Customer Gateway with the new CoreWeave VPN IP Address by navigating to Virtual Private Network -> Customer Gateways.
- 4.After the new Customer Gateway is created, edit the previously created VPN by navigating to Virtual Private Network -> Site-to-Site VPN Connections.
- 5.Select your VPN, then edit it by seleting Actions -> Modify VPN connection.
- 6.Select your newly created Customer Gateway in the Target customer gateway dropdown.
After completing the initial setup for the VPN, you'll need to configure further VPN settings for the tunnel under the Tunnel 1 options menu.
These options should be configured following the instructions detailed in the following table.
The following table describes what the configurations for the advanced Tunnel 1 options should be.
The following screenshot exemplifies what these configurations look like.
Advanced Tunnel 1 options.
Once the AWS VPC has been created and the VPN connection has been configured, a route must be added back to the CoreWeave VPC network.\
To do this, configure the routing tables found under Virtual private cloud -> Route tables.
Route tables option menu under the virtual private cloud menu.
Click the route table ID to open the configuration options for that table, and click the grey Edit routes button in the upper-right hand corner of the lower menu.
In the Edit routes menu, configure Destination as the CoreWeave VPC network name, and for Target, configure the AWS virtual private gateway that was created at the beginning of this process.
Edit routes screenshot.
The newly created VPN is now viewable by navigating to Virtual Private Network -> Site-to-Site VPN Connections. Click the VPN ID to see details about the tunnel.