--- title: "Guide to AWS Configuration | Nordlayer" slug: "aws-configuration-details" description: "This article explains how to get the required information for setting up a site-to-site connection between NordLayer and AWS.Step 1: Download AWS configuration Log in to the AWS Management Console." updated: 2026-05-07T08:58:58Z published: 2026-05-07T08:58:58Z --- > ## Documentation Index > Fetch the complete documentation index at: https://help.nordlayer.com/llms.txt > Use this file to discover all available pages before exploring further. # Guide to AWS Configuration This article explains how to get the required details for setting up a site-to-site connection between NordLayer and AWS. ## Step 1: Download AWS configuration 1. Log in to the AWS Management Console. 2. Navigate to "**Site-to-Site VPN Connections**" in the VPC Dashboard. 3. Select the appropriate VPN connection and click on "**Download Configuration**". ![Download Configuration 1](https://cdn.document360.io/fc1049cd-8f71-4b89-b9b8-dbca9fdcdd16/Images/Documentation/16%20Setting%20up%20site-to-site%20on%20AWS%20Virtual%20Gateway.png) 1. Now, choose the options as displayed in the screenshot below. Then click on "**Download**" to save the configuration file to your local machine. ![Download Configuration 2](https://cdn.document360.io/fc1049cd-8f71-4b89-b9b8-dbca9fdcdd16/Images/Documentation/Download%20Configuration.webp) ## Step 2: Obtain IPSEC Tunnel #1 details 1. Open the configuration file which you have downloaded form the **Step 1** and scroll until **conn Tunnelid** as shown in the screenshot below: ![AWS Tunnel Configuration](https://cdn.document360.io/fc1049cd-8f71-4b89-b9b8-dbca9fdcdd16/Images/Documentation/AWS%20Tunnel%20Configuration.png) --- 1. Make a note of these details as they will be needed for the VPN server configuration: - **IKE version**: IKEv2 (recommended) - **Remote IP (right)**: Your AWS Remote IP - **Encryption settings** IKE Encryption and DH Group - **Local IP (-ll)**: Local Tunnel IP - **Remote IP (-lr)**: Remote Tunnel IP - **Mark (-m)**: specified in the config - **Pre-shared key (PSK)**: Your Pre-Shared Key / Secret ## Step 3: Obtain IPSEC Tunnel #2 details 1. Within the same configuration file, scroll down to locate the section labeled **conn Tunnel2**. 2. Take note of the following details as they will be required for configuring Site-to-Site connection: - **IKE version**: IKEv2 (recommended) - **Remote IP (right)**: Your AWS Remote IP - **Encryption settings** IKE Encryption and DH Group - **Local IP (-ll)**: Local Tunnel IP - **Remote IP (-lr)**: Remote Tunnel IP - **Mark (-m)**: specified in the config - **Pre-shared key (PSK)**: Your Pre-Shared Key / Secret ## Step 4: Creating Site-to-Site configuration Once you have obtained all necessary details from the AWS config – **IPSEC** **Tunnel #1** and **IPSEC** **Tunnel #2** – please create a setup in [Sites tab of the NordLayer Control Panel](/v1/docs/site-to-site). --- Related articles: If you're interested in our comprehensive guide on setting up a site-to-site connection with AWS, please refer to the following sections: - [Setting up site-to-site on AWS Virtual Gateway](/v1/docs/site-to-site-aws-virtual-gateway) - [Setting up site-to-site on AWS Transit Gateway](/v1/docs/site-to-site-aws-transit-gateway) --- **Note**: In case you are experiencing different results, make sure that you have you carefully gone through all the steps. Having said that, in case the issue persists please feel free to contact our [24/7 customer support team](/docs/how-do-i-contact-nordlayer-customer-support).