You have configured a dynamic VPN between your datacenter and your VPC.
But you are not able to see the routes for the connection.
What could be the possible reason for this?
A. B. C. D.
Answer - C.
For routes to be set up dynamically, you need to have route propagation enabled on your route table.
The AWS documentation also states the following:
If you've attached a virtual private gateway to your VPC and enabled route propagation on your route table, routes representing your VPN connection automatically appear as propagated routes in your route table.
For more information on Route tables please refer to the below URL:
http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Route_Tables.html

The possible reason why you are not able to see the routes for the dynamic VPN connection could be due to the following:
C. The route propagation is not set in the Route table: When you set up a dynamic VPN between your datacenter and VPC, you need to propagate the routes from the VPN connection to the route table. This enables the VPC to learn the routes for your datacenter. If the route propagation is not set in the route table, the VPC will not be able to learn the routes, and you will not be able to see the routes for the dynamic VPN connection.
A. The NACLs are not configured properly: Network Access Control Lists (NACLs) are used to filter traffic at the subnet level in AWS. If the NACLs are not configured properly, they can block the traffic from the VPN connection to the route table, and this will prevent the VPC from learning the routes.
B. The internal firewall is blocking the routes: If there is an internal firewall between your datacenter and the VPC, it could be blocking the routes from the VPN connection. This can happen if the firewall is configured to block traffic from the VPN connection to the route table.
D. You have not set BFD for the connection: Bidirectional Forwarding Detection (BFD) is a protocol used to detect faults in network paths. If BFD is not set for the connection, the VPC may not be able to detect if the connection is down. This can prevent the VPC from learning the routes for the dynamic VPN connection.
In summary, the most likely reason why you are not able to see the routes for the dynamic VPN connection is that the route propagation is not set in the route table. However, it's important to check the NACLs and internal firewall to ensure they are not blocking the traffic, and also ensure BFD is set for the connection to detect faults.
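To check for the condition in answer C, the following added example (not from the original page or from AWS) audits JSON shaped like the output of `aws ec2 describe-route-tables` and reports, per route table, whether propagation is enabled for a given virtual private gateway and which routes were learned from it. The sample data, IDs, CIDRs and the function name `audit_propagation` are constructed for illustration.

```python
import json

# Constructed sample shaped like `aws ec2 describe-route-tables` output.
# All IDs and CIDRs are placeholders, not values from the page.
SAMPLE = json.loads("""
{"RouteTables": [
  {"RouteTableId": "rtb-0aaa", "VpcId": "vpc-0001",
   "PropagatingVgws": [{"GatewayId": "vgw-0123"}],
   "Routes": [
     {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local",
      "Origin": "CreateRouteTable", "State": "active"},
     {"DestinationCidrBlock": "192.168.0.0/16", "GatewayId": "vgw-0123",
      "Origin": "EnableVgwRoutePropagation", "State": "active"}]},
  {"RouteTableId": "rtb-0bbb", "VpcId": "vpc-0001",
   "PropagatingVgws": [],
   "Routes": [
     {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local",
      "Origin": "CreateRouteTable", "State": "active"}]}
]}
""")

def audit_propagation(doc, vgw_id):
    """Classify each route table with respect to one virtual private gateway."""
    report = {}
    for rt in doc.get("RouteTables", []):
        # Propagation is enabled when the gateway is listed in PropagatingVgws.
        enabled = any(g.get("GatewayId") == vgw_id
                      for g in rt.get("PropagatingVgws", []))
        # Propagated routes carry Origin == EnableVgwRoutePropagation.
        learned = sorted(r["DestinationCidrBlock"]
                         for r in rt.get("Routes", [])
                         if r.get("Origin") == "EnableVgwRoutePropagation"
                         and r.get("GatewayId") == vgw_id
                         and "DestinationCidrBlock" in r)
        if not enabled:
            status = "propagation-disabled"   # the case in answer C
        elif not learned:
            status = "enabled-no-routes"      # propagation on, nothing learned yet
        else:
            status = "ok"
        report[rt["RouteTableId"]] = {"status": status, "routes": learned}
    return report

if __name__ == "__main__":
    for rtb, info in audit_propagation(SAMPLE, "vgw-0123").items():
        print(rtb, info["status"], ", ".join(info["routes"]) or "-")
```

A table reported as `propagation-disabled` is the one to fix, for example with `aws ec2 enable-vgw-route-propagation` or the Route Propagation tab in the console.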