Athena NGFW (Next-Generation Firewall)

Athena NGFW (previously known as Network Secure) provides comprehensive protection for every network perimeter, ensuring the safety of your valuable assets, data, and users from emerging threats.
{{ $t('productDocDetail.guideClickSwitch') }}
{{ $t('productDocDetail.know') }}
{{ $t('productDocDetail.dontRemind') }}
8.0.107
Athena NGFW (Next-Generation Firewall) {{ breadTitle }} User Manual Network Sangfor/IPSec VPN IPsec VPN Tunnel Between Athena NGFW and AWS (Route Mode) Procedures Configure AWS
{{sendMatomoQuery("Athena NGFW (Next-Generation Firewall)","Configure AWS")}}

Configure AWS

{{ $t('productDocDetail.updateTime') }}: 2026-04-29

Steps

Step 1.Create a VPC.

Step 2.Configure a network ACL and a security group.

By default, the ACL and the security group allow all traffic. To facilitate testing, the default settings are used. In actual scenarios, allow traffic based on your business needs.

Step 3.Create a customer gateway.

Step 4.Create a virtual private gateway.

Step 5.Create a site-to-site VPN connection, and obtain the public IP address.

Specifically, select the customer gateway and virtual private gateway created in the foregoing steps, set Routing options to Static, and select the internal network segments of the Athena NGFW firewall.

After the connection is created, it takes about 10 minutes to take effect. Be patient.

Then, obtain the public IP address.

By default, AWS automatically generates two tunnels when a VPN connection is created. This example uses only one of the two tunnels for description.

Step 6.Configure a route.