Client VPN attachments in AWS Transit Gateway

When you associate a Client VPN endpoint with a transit gateway, a Client VPN attachment is automatically created, allowing you to route traffic between your VPCs, on-premises networks, and Client VPN endpoints. AWS Transit Gateway supports cross-account Client VPN attachments, allowing accounts that the transit gateway is shared with to create their own Client VPN attachments.

After the Client VPN endpoint is associated with a transit gateway, you can view the attachment in the Transit Gateway console under Transit gateway attachments. The attachment will be listed with a type of Client VPN.

Requirements and limitations

Your transit gateway must have an assigned IPv4 or IPv6 CIDR block before you can create a Client VPN attachment.
Route table propagation must be enabled for Client VPN attachments to allow traffic between your Client VPN endpoint and transit gateway. See Enable route propagation.

Tasks

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Delete a VPN Concentrator attachment

Create a Client VPN attachment