VPN Setup to 3rd Party AWS Account

The following guide describes how to set up a secure VPN tunnel between a Monogoto account and a 3rd party AWS account.

1. Log in to the Monogoto portal and go to Network.

2. Edit your “data.mono” network.

3. Go to Routes and copy the Gateway IP.

4. Log in to your AWS VPC and create a new Customer Gateway.

5. Enter the Gateway IP from step #3 in the IP Address field.

6. Create a Virtual Private Gateway.

7. To attach the Virtual Private Gateway to your VPC, make sure it is selected, and under “Actions” select Attach to VPC.

In the next screen, select the appropriate VPC from the pulldown.

8. Go to Site-to-Site VPN Connections and select Create VPN Connection.

9. For Virtual Private Gateway, select the Virtual Private Gateway created in step #6.

For Customer Gateway ID, select the Customer Gateway created in step #4.

10. For Routing Options, select Static and enter two rules: one with your AWS VPC CIDR block, and the other with the Monogoto IP pool CIDR block.

11. In the Monogoto portal, go to the Network -> VPN section, and select Add New.

Enter a VPN Name of your choice.

For Destination IP Address, enter the outside IP address of Tunnel 1 of the AWS VPN.

For Destination Network, enter the VPC’s IPv4 CIDR block.

For Pool Name, select your Monogoto IP address pool.

When you are done, click Save & Close, and Apply Settings.

12. Go back to the VPN section and press the Download VPN Config button. Copy the “Pre-Shared Key” from the downloaded config file.

13. In AWS, go back to the Site-to-Site Connection you made earlier, and click Actions -> Modify VPN Tunnel Options.

14. Select the VPN Tunnel Outside IP Address you used to create the Monogoto side of the VPN (in step #11), and paste the Pre-Shared Key copied from the VPN Config. Click Save.

15. Go to your VPC’s Route Table and edit Route Propagation.

16. Make sure Propagate is checked for your Virtual Private Gateway and click Save.

17. Make sure you add the Monogoto IP Pool to all relevant Security Groups.

That’s all – the VPN tunnel should now be connected.
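Before applying the settings, the addresses entered in steps 5, 10, 11 and 17 can be cross-checked with a short script. This is an added example, not part of the Monogoto or AWS tooling; the function name `preflight`, the sample addresses, and the rule that the Gateway IP must not be an RFC 1918 address are assumptions made for illustration.

```python
import ipaddress

# Assumption: the Gateway IP from step 3 is a public address, so RFC 1918 ranges are rejected.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def preflight(gateway_ip, vpc_cidr, pool_cidr, static_routes, sg_sources):
    """Return a list of problems in the values used for the tunnel (empty list = OK)."""
    problems = []
    gw = ipaddress.ip_address(gateway_ip)
    vpc = ipaddress.ip_network(vpc_cidr)    # strict parsing: host bits set raises ValueError
    pool = ipaddress.ip_network(pool_cidr)
    routes = {ipaddress.ip_network(r) for r in static_routes}
    sources = [ipaddress.ip_network(s) for s in sg_sources]

    # Step 5: the Customer Gateway address.
    if gw.version != 4 or any(gw in net for net in RFC1918):
        problems.append(f"gateway IP {gw} is not a public IPv4 address")

    # Steps 10 and 11: the two networks must be distinct, or traffic for the
    # overlapping range cannot be routed unambiguously through the tunnel.
    if vpc.overlaps(pool):
        problems.append(f"VPC CIDR {vpc} overlaps the Monogoto pool {pool}")

    # Step 10: both static routes must be present.
    for name, net in (("VPC", vpc), ("Monogoto pool", pool)):
        if net not in routes:
            problems.append(f"static route for {name} CIDR {net} is missing")

    # Step 17: the pool must be allowed, and by a rule no wider than the pool itself.
    covering = [s for s in sources if s.version == pool.version and pool.subnet_of(s)]
    if not covering:
        problems.append(f"no security group rule covers the Monogoto pool {pool}")
    for s in covering:
        if s != pool:
            problems.append(f"security group source {s} is wider than the pool {pool}")
    return problems


if __name__ == "__main__":
    # Constructed sample values, not taken from a real account.
    for issue in preflight("198.51.100.7", "172.31.0.0/16", "10.10.0.0/24",
                           ["172.31.0.0/16"], ["0.0.0.0/0"]):
        print("WARN:", issue)
```

A security group rule with source `0.0.0.0/0` passes traffic from the pool but also from everywhere else, which is why the script reports it instead of treating it as covering step 17.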
