AWS Site-to-Site VPN Enhances Connectivity with IPv6 Outer Tunnel Support
Seattle, WA – July 8, 2025 – Amazon Web Services (AWS) today announced a significant advancement for its AWS Site-to-Site VPN service, introducing support for IPv6 addresses on the outer tunnel interface. This new capability allows customers to establish secure VPN connections between their on-premises networks and AWS VPCs using IPv6 addresses for the VPN tunnel endpoints, further expanding connectivity options and future-proofing network infrastructure.
The growing adoption of IPv6 globally necessitates robust support for this protocol across cloud networking services. With this update, AWS continues its commitment to providing customers with the flexibility and scalability needed to build and manage their hybrid cloud environments.
Key Benefits and Implications:
- Enhanced Network Flexibility: This feature empowers organizations that have already transitioned or are planning to transition to IPv6 to seamlessly integrate their IPv6-enabled networks with AWS. It eliminates the need for complex network address translation (NAT) workarounds when connecting IPv6-only on-premises environments to AWS.
- Future-Proofing Infrastructure: By supporting IPv6 for the outer tunnel IPs, AWS Site-to-Site VPN aligns with the global shift towards the next-generation internet protocol. This proactive approach ensures that customer infrastructure remains compatible with evolving network standards.
- Simplified IPv6 Connectivity: Customers can now configure their AWS Site-to-Site VPN connections with IPv6 addresses on both ends of the tunnel, simplifying the overall setup and management of IPv6-based connectivity between their on-premises data centers and AWS.
- Improved Address Space Utilization: As IPv4 address exhaustion becomes a more pressing concern, the widespread adoption of IPv6 offers a virtually unlimited supply of IP addresses. This feature facilitates the efficient use of this expanded address space for secure communication.
- Seamless Integration: This enhancement works in conjunction with existing AWS Site-to-Site VPN capabilities, including support for both static routing and dynamic routing protocols like Border Gateway Protocol (BGP) over IPv6. This ensures a smooth transition and integration for existing and new VPN deployments.
How it Works:
Previously, AWS Site-to-Site VPN exclusively utilized IPv4 addresses for the outer tunnel interface. With the introduction of IPv6 support, customers can now specify IPv6 addresses for their customer gateway device and the virtual private gateway or transit gateway attachment, establishing a secure IPsec tunnel over IPv6. This allows for direct communication between IPv6 endpoints without reliance on IPv4.
Customer Impact:
This update is particularly beneficial for organizations that are:
- Operating IPv6-only networks on-premises.
- Planning or executing a transition to IPv6.
- Seeking to leverage the advantages of IPv6 for enhanced network scalability and efficiency.
- Looking to simplify their hybrid cloud networking architecture by eliminating IPv4 dependencies for VPN connectivity.
AWS continues to invest in expanding its networking services to meet the evolving demands of its global customer base. The introduction of IPv6 outer tunnel IP support for Site-to-Site VPN is a testament to this ongoing commitment, providing customers with the advanced capabilities required for modern, scalable, and future-ready cloud connectivity.
For more detailed information on configuring AWS Site-to-Site VPN with IPv6, please refer to the official AWS documentation.
AWS Site-to-Site VPN now supports IPv6 addresses on outer tunnel IPs
AI has delivered the news.
The answer to the following question is obtained from Google Gemini.
Amazon published ‘AWS Site-to-Site VPN now supports IPv6 addresses on outer tunnel IPs’ at 2025-07-08 20:06. Please write a detailed article about this news in a polite tone with relevant information. Please reply in English with the article only.