Validate the AWS Transit Gateway Integration CloudBlade
Table of Contents
Validate the AWS Transit Gateway Integration CloudBlade
Lets see how to validate the AWS transit gateway integration
cloudblade in Prisma SD-WAN.
The Prisma SD-WAN AWS Transit Gateway Integration
CloudBlade automatically provisions a pair of vIONs in an AWS Connect
VPC. The AWS route tables for the DC IONs are updated to establish
a GRE tunnel between the AWS DC vIONs and the Transit Gateway Connect
peers. BGP core peering will be established over the GRE tunnel.
The
AWS transit gateway ASN number should not match with the Prisma
SD-WAN default ASN value of 64512.
The following steps
can be used to validate if the CloudBlade is working as intended:
- Check the status indicator on the CloudBlade window. Once enabled and deployed correctly, the status indicator should turn green.
![]()
If the access credentials are invalid, the status indicator will throw an “Invalid AWS credentials error message”![]()
Check if the Prisma SD-WAN Datacenter site has been created in the AWS cloud and if the vION HA pair has been assigned to this site.![]()
Go to the Active ION’s Interface configuration window and check if the GRE VPN has been created.![]()
- Click on the interface to check the IP address configuration.
![]()
Go to the 2nd ION’s interface configuration window and check the GRE tunnel interface configuration.![]()
Check if the core BGP peering between each vION and the Transit Gateway Connect peer is UP.![]()
![]()
Check if both the vIONs have learned the prefixes from the Application VPC behind the AWS Transit Gateway and the active ION has learned and advertised the routes.![]()
![]()
![]()
