DIRECT CONNECT ROUTING


I'm new to AWS, and I'm stuck with a problem.

To summarize: I have several VLANs connected through a VPN, and I would like certain VLANs (in red in the diagram) to be accessible through Direct Connect and not through the VPN. How can I do it?

I have tried adding a new route table so that the desired VLANs are routed through the DX, but I can only choose vgw or igw.

How do I connect the Direct Connect Gateway to the VPC? Do I need Transit Gateway?

Thanks

Diagram


There are a few options here.

First, you can create private virtual interfaces using your Direct Connect, terminating at the VPCs. This creates a direct connection between your Direct Connect and the VPC. You can create one for each VPC, or you can have multiple, or you can do something like a transit gateway.

An alternative would be to configure a public virtual interface. A public VIF creates a direct route between you and any public AWS IP (with caveats for BGP peers, i.e. you can limit it to certain BGP peers, like North America). Because you already have VPNs in place (which terminate on public AWS IPs), a public VIF will allow you to route your VPNs over your Direct Connect. This won't be as performant as the private VIF, but it will give you VPN over Direct Connect.
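As an added illustration of the first option (not part of the question or the answer above), the Terraform below terminates a private VIF on a virtual private gateway attached to the VPC and points only the "red" VLAN prefixes at that gateway, which is the `vgw` target the route table offers. The connection ID, VLAN tag, BGP ASN and all CIDRs are placeholder assumptions.

```hcl
# Placeholder values, not taken from the question.
locals {
  dx_connection_id = "dxcon-EXAMPLE"                    # existing Direct Connect connection
  red_vlan_cidrs   = ["10.20.0.0/24", "10.21.0.0/24"]  # on-premises VLANs that should use DX
}

resource "aws_vpc" "main" {
  cidr_block = "172.31.0.0/16"
}

# The virtual private gateway is what a private VIF terminates on; it is
# also the "vgw" entry the VPC route table lets you choose as a target.
resource "aws_vpn_gateway" "main" {
  vpc_id = aws_vpc.main.id
}

# Private virtual interface on the DX connection, attached to the VGW.
# The on-premises router advertises the red VLAN prefixes over this BGP session.
resource "aws_dx_private_virtual_interface" "red_vlans" {
  connection_id  = local.dx_connection_id
  name           = "red-vlans-over-dx"
  vlan           = 100      # 802.1Q tag on the DX link (assumed)
  address_family = "ipv4"
  bgp_asn        = 65000    # on-premises BGP ASN (assumed)
  vpn_gateway_id = aws_vpn_gateway.main.id
}

resource "aws_route_table" "private" {
  vpc_id = aws_vpc.main.id
}

# Only the red VLAN prefixes are routed to the VGW (and so to the private VIF);
# every other VLAN keeps whatever route it has today.
resource "aws_route" "red_to_dx" {
  for_each               = toset(local.red_vlan_cidrs)
  route_table_id         = aws_route_table.private.id
  destination_cidr_block = each.value
  gateway_id             = aws_vpn_gateway.main.id
}
```

If the same VGW also terminates the existing VPN, check which path a given prefix actually takes after applying: a prefix advertised over both sessions is resolved by the VGW, so the on-premises side should advertise the red VLANs only on the Direct Connect session when the intent is to keep them off the VPN.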