Is it possible to create a VPN link between AZURE VNET and AWS VPC?
As I found solutions on making site-to-site VPN between Azure and AWS using a software VPN server, I'm asking myself if it's possible to connect the VPN gateways (Azure VNET / AWS VPC) directly.
Is there a limitation that forbids it ?
Solution 1:
I spent some time working on this today, and as far as I can tell, it is not currently possible. While you can get the gateway IP addresses and pre-shared keys synced up, you don't seem to have any control over the IKE parameters for either cloud provider's gateways. AWS wants to use AES-128-CBC, and Azure wants to use AES-256, and that's all she wrote. (Azure may also not yet support group 2 PFS for the IPSEC parameters, but since I couldn't actually get that far, I don't know if there would be a way to address that problem.)
Unless I'm mistaken, it looks like using a software VPN on one side or the other is required for now.