Category: aviatrix

  • Create BGP over GRE tunnel between Aviatrix Transit and Palo Alto Firewall

    Here’s a case where customer wants to create BGP over GRE tunnels between Palo Alto Firewall and Aviatrix Transit Gateways. Palo Alto have some articles but not very clear, this blog will serve as a reminder how this is done. Credit to Pranay for helping out the BGP peering part on Palo. This is a […]

  • Direct Connect to Aviatrix Transit – Option 1

    This is the first of the three articles. It will be the easiest to accomplish but with constrains. Virtual Private Gateway (VGW) has to be created in the same region as the Direct Connect Private Virtual Interface (VIF). Each VIF is dedicated to one VGW. VGW is NOT attached to the VPC Aviatrix orchestrate Customer […]

  • Using AWS TGW Connect with Aviatrix Transit to build GRE tunnels

    When customers are migrating to Aviatrix Transit from AWS TGW, we would build BGP connectivity between AWS TGW with Aviatrix Transit. In the past, we have to use IPSec, which would be limited to 1.25G per tunnel connection speed, for customer’s that doesn’t require end to end encryption during the migration, with AWS TGW Connect, […]

  • Multi-homed VM in different Clouds

    Many enterprises venture into clouds and find the landscape of cloud networking very different from on-prem. Multi-homed devices such as routers and firewalls when deploy to the cloud also are having challenges to insert themself into traffic path, particularly due the reasons listed below. This in turn slows down the enterprises adoption speed to the […]

  • Terraform init failed to download providers

    One of our customers are looking to use Aviatrix to automatic their self-service process for AWS China region. The issue they are running into, was the terraform init would fail 50% of time. Is there anything we can do to help in this situation? What are providers? Terraform uses plug-ins called providers to translate terraform […]

  • Deploy Aviatrix Metered Controller in Azure

    This is a quick write up of deploying Aviatrix Metered Controller in Azure 1. Azure Marketplace -> Search for Aviatrix, then Subscribe to Aviatrix Secure Networking Platform Metered 2208 – Copilot & 24×7 Support 2. Click on Subscribe 3. Select your Subscription and Resource Group, give it a name: Note 1 4. Click on Configure […]

  • Integrate Okta IdP with Aviatrix controller

    In this blog, I will show you step by step integrating Okta IdP (identity provider) with Aviatrix controller. Okta configuration First sign up with okta. In this example, I’m signing up as a developer account:https://developer.okta.com/signup/I’ve chosen to continue with my google account Once logged in, Applications -> Applications -> Create App Integration Choose SAML 2.0 […]

  • Secure Aviatrix Controller with Azure Application Gateway V2

    Aviatrix controller is already hardened. You may further lock it down with Settings -> Controller -> Access Security -> Controller Security Group Management. The controller would be protected by Security Group allowing access only from Aviatrix Gateways. Customer can add their own egress public IPs and CoPilot public IPs to security group, allowing inbound HTTPs […]

  • Add SSL Certificate to Aviatrix Controller

    When first launched Aviatrix controller from marketplace, the Aviatrix controller give itself a self-signed certificate, and you have to use https://controller-ip to access it, which may not meet compliance requirement. This blog will talk about getting a public trusted SSL certificate for Aviatrix controller. First you will need to own a domain name, there are […]

  • Enable private connectivity to workloads deployed in multiple default VPCs – Part 1

    Scenario: One of our customers are primary in Azure, after merger and acquisitions, them acquired hundreds of AWS accounts, where workloads are deployed to default VPCs, which all have this address space: 172.31.0.0/16 They are looking for a solution to provide bi-directional private connectivity to these workloads in AWS from Azure without overhead of route […]