Professional Documents
Culture Documents
Questionnaire 002 Enew
Questionnaire 002 Enew
Project Contact
Technical Contact
Network Contact
Parameter Value
AWS Account Number
AWS Region
Address
Phone Telefax Location (If different from above)
ustomers%20HEC%20on%20AWS/AllItems.aspx
SAP Enterprise Cloud Services - Connectivity Support
AWS VPN Connectivity Questionnaire
Note: If more than one connection is needed, simply copy this worksheet and name it "VPN Option <x>" and provide the
Sheet per VPN Connection). Generally the contracts includes 1 VPN package which allows 10 VPNs without redundant con
then only upto 5 VPNs are poissible per data center.
The AWS VPN connection consists of three components
1) Virtual Private Gateway(VGW) which is the router on the AWS side
2) Customer Gateway (CGW) which is the router on the customer side
3) A S2S VPN connection bonding the VGW and CGW together over two secure IP Sec tunnels in a active/passive configur
Parameter Value
VPN Type
Route-based
Section 2 : To be filled by Customer.
(CAA should facilitate this information to ensure connectivity is established before the system delivery for new setup. In c
before S2D or for subsequent setups,, the SAP ECS CFU will help collect the information)
Customer Gateway (CGW) - A customer gateway is a physical device or software application on the customer side of the
Parameter Value
Customer VPN Gateway Details
Note: Pre-shared key need to be defined and exchanged separately If not shared with this questionnaire, SAP will create a
customer.
After VPN procedure is completed in AWS, SAP ECS network engineer will download the configuration information and se
customer gateway device or software application in opn-prem. The VPN tunnel will be UP only when traffic is initiated fro
VPN Option <x>" and provide the details of additional connection in that sheet (One
ws 10 VPNs without redundant connections. If Redundant connection is chosen below,
ng unit (CFU))
the Amazon side of the Site-to-Site VPN connection. You create a virtual private
onnection
Additional Data
system delivery for new setup. In case customer could not provide the info to CAA
n)
this questionnaire, SAP will create a strong pre-shared key and securely send to the
Parameter Value
VPN Type
Route-based
Section 2 : To be filled by Customer.
(CAA should facilitate this information to ensure connectivity is established before the system delivery for new setup. In c
before S2D or for subsequent setups,, the SAP ECS CFU will help collect the information)
Customer Gateway (CGW) - A customer gateway is a physical device or software application on the customer side of the
Parameter Value
Customer VPN Gateway Details
Note: Pre-shared key need to be defined and exchanged separately If not shared with this questionnaire, SAP will create a
customer.
After VPN procedure is completed in AWS, SAP ECS network engineer will download the configuration information and se
customer gateway device or software application in opn-prem. The VPN tunnel will be UP only when traffic is initiated fro
VPN Option <x>" and provide the details of additional connection in that sheet (One
ws 10 VPNs without redundant connections. If Redundant connection is chosen below,
ng unit (CFU))
the Amazon side of the Site-to-Site VPN connection. You create a virtual private
onnection
Additional Data
system delivery for new setup. In case customer could not provide the info to CAA
n)
this questionnaire, SAP will create a strong pre-shared key and securely send to the
Parameter Value
VPN Type
Route-based
Section 2 : To be filled by Customer.
(CAA should facilitate this information to ensure connectivity is established before the system delivery for new setup. In c
before S2D or for subsequent setups,, the SAP ECS CFU will help collect the information)
Customer Gateway (CGW) - A customer gateway is a physical device or software application on the customer side of the
Parameter Value
Customer VPN Gateway Details
Note: Pre-shared key need to be defined and exchanged separately If not shared with this questionnaire, SAP will create a
customer.
After VPN procedure is completed in AWS, SAP ECS network engineer will download the configuration information and se
customer gateway device or software application in opn-prem. The VPN tunnel will be UP only when traffic is initiated fro
VPN Option <x>" and provide the details of additional connection in that sheet (One
ws 10 VPNs without redundant connections. If Redundant connection is chosen below,
ng unit (CFU))
the Amazon side of the Site-to-Site VPN connection. You create a virtual private
onnection
Additional Data
system delivery for new setup. In case customer could not provide the info to CAA
n)
this questionnaire, SAP will create a strong pre-shared key and securely send to the
Parameter Value
Usage Scenario
Direct Connect
Provider/Partner
Direct Connect
Region/Location
Minimum Links
VLAN ID
Customer On-Premises
Network IP ranges
Note: BGP shared key (will be defined and exchanged separately during setup). If not shared with this questionnaire,
setup.
MD5 Key
Direct Connect ID
(Resource ID of existing
Direct Connect)
Customer On-Premises
Network IP ranges
AWS Direct Connect links can also be shared across accounts by using separate VIFs as described here:
https://docs.aws.amazon.com/directconnect/latest/UserGuide/Welcome.html
https://aws.amazon.com/jp/blogs/aws/aws-direct-connect-more-connection-speeds-new-console-multiple-accounts/
upport
name it "Direct Connect Option <x>" and provide the details of additional connection in that sheet (One Sheet per Direct
efore the system delivery for new setup. In case customer could not provide the info to CAA before S2D or for subsequent
Additional Data
ml
Notes/Information
omer could not provide the info to CAA before S2D or for subsequent
Notes/Information
If New / Dedicated - Provide inputs to rows 13 to 20 only
If Shared - Provide Inputs to rows 22 to 24 only. Shared means
customer is planning to use an existing Direct Connect instead
of provisoning new one
If Physical then SAP will provide a LOA to the email address of
the customer network contact listed on the Customer Data
sheet
Above details will be exchanged between HEC Delivery and Customer. Both parties have to follow the procedure given
establish VPC peering.
For more details about VPC peering scenarios please visit the following link for more details
https://docs.aws.amazon.com/vpc/latest/peering/what-is-vpc-peering.html
https://docs.aws.amazon.com/vpc/latest/peering/invalid-peering-configurations.html
y Support
and name it "VPC Peering Option <x>" and provide the details of
on)
ed before the system delivery for new setup. In case customer could
P ECS CFU will help collect the information)
oth parties have to follow the procedure given in the below link to
Customer VPC ID
Above details will be exchanged between SAP ECS Delivery and Customer. Both parties have to follow the procedure g
For more details about VPC peering scenarios please visit the following link for more details
https://docs.aws.amazon.com/vpc/latest/tgw/tgw-transit-gateways.html
https://docs.aws.amazon.com/vpc/latest/tgw/tgw-vpc-attachments.html
upport
re
e it "Transit Gateway Accept <x>" and provide the details of additional connection in that sheet (One Sheet per Connection)
ype like VPN or Direct Connect are not possible.
before the system delivery for new setup. In case customer could not provide the info to CAA before S2D or for subsequent setups,,
oth parties have to follow the procedure given in the below link to establish VPC peering.
or more details
tional connection in that sheet (One Sheet per Connection)
Customer DX Gateway ID
Above details will be exchanged between SAP ECS Delivery and Customer. Both parties have to follow the procedure g
to establish VPC peering.
For more details about Direct Connect Gateway associations please visit the following link for more details:
https://docs.aws.amazon.com/directconnect/latest/UserGuide/virtualgateways.html
y Support
and name it "Direct Connect Gateway Option <x>" and provide the
ect Gateway Connection)
ed before the system delivery for new setup. In case customer could
P ECS CFU will help collect the information)
r. Both parties have to follow the procedure given in the below link