Creating the Graphiant Gateway Service for AWS


What is the Graphiant Gateway Service?

The Graphiant Gateway allows you to connect your on-premises Graphiant network to your public cloud workloads using a private connection. It is the preferred way to connect your Graphiant on-premises, cloud and multi-cloud environments together to create a hybrid network. This document explains how to set up the Graphiant Gateway service and connect it to AWS Direct Connect.

To learn more about the Graphiant Gateway service, check out the Gateway Overview.

Gateway Service for AWS Connectivity in the Graphiant Portal

Note:

AWS supports Jumbo Frames up to 8500 bytes.

Step 1: Locating Gateway Service in the Graphiant Portal

On the homepage of the Graphiant Portal, select and click ‘Gateway’ under the Service Management section in the left sidebar.

This will take you to the ‘Gateway’ page of the Graphiant Portal where you will be able to view existing Gateway services as well as provision new ones.

Step 2: Configuring Gateway in the Graphiant Portal

To configure the Gateway service click the 'Create Gateway Service' button.

Next, select the Graphiant region where you want to deploy the gateway service for your Direct Connect.

This opens the Cloud On Ramp screen.

Select 'Amazon Web Services'.

Next, enter the details needed in the request for the Graphiant Gateway to connect to AWS Direct Connect. Below are descriptors for each of the fields required in order to configure the Gateway.

  • Speed: Speed of the circuit from the Gateway to the cloud

  • LAN Segment: The desired LAN segment to connect and have access to the cloud

  • Amazon Account ID: Enter the desired Amazon Account ID here, where the connection to Direct Connect will appear.

  • Description (optional)

Click 'Next'; this will bring you to a review screen for your configurations.

Clicking 'Confirm' creates a request for the Graphiant Customer Support team to follow up with you to provision your Gateway Service.

A confirmation pop-up will appear saying that Graphiant will be reaching out regarding next steps. A Graphiant Customer Support engineer will schedule a call to discuss the details of your Gateway Service.

Configuring the Cloud Gateway in AWS

Now that the request for the Gateway has been confirmed by Graphiant, AWS Direct Connect will need to be configured.

Log into the AWS account which was entered in the Graphiant Gateway Request.

Note:

An AWS Virtual Private Cloud (VPC) will need to have been created (along with a subnet and route table) to be accessible by the Graphiant network.

Step 1: Locating the VPC in AWS

Click on the 'Services' menu at the upper left of the AWS screen, then select 'VPC'.

Select 'Your VPCs' from the left side menu;  choose the desired VPC to connect to the Graphiant network.

The next step is to create a Transit Gateway (AWS cloud router).

Step 2: Creating a Transit Gateway in AWS

In the left side menu, scroll down to the 'Transit gateways' section; select 'Transit gateways' immediately below.

Click the orange 'Create transit gateway' button.

Fill in the following fields:

  • Name tag: The name of the transit gateway

  • Description: Identifier for ease of later use

  • Amazon side Autonomous System Number (ASN): The desired private Amazon ASN, within the range 64512-65534 or 4200000000-4294967294. If left blank, this field will auto-populate with the first ASN, 64512.

Note:

The Transit Gateway ASN cannot be the same as the Direct Connect ASN.

The remaining fields can be left as default.

Click the orange 'Create transit gateway' button at the bottom of the screen.

Note:

It may take some time for the Transit Gateway creation process to occur.

When the Transit Gateway has been created, the next step is to create a Transit Gateway Attachment between the VPC and the transit gateway.

Step 3: Create a Transit Gateway Attachment

Once the Transit Gateway shows a State of "Available" in green, click 'Transit gateway attachments' in the left side menu.

Click the 'Create transit gateway attachment' button at the top right.

Fill out the following fields:

  • Name tag: The name of the transit gateway

  • Transit gateway ID: From the drop-down, select the ID of the transit gateway just created, that will be connected to this attachment for the VPC.

  • Attachment type: Leave this as "VPC".

  • VPC ID: From the drop-down, select the ID of the VPC to attach to the transit gateway.

  • Subnet IDs: From the drop-down, select the subnets in which to create the attachment between the transit gateway and the VPC.

All other fields can be left as default.

Click the orange 'Create transit gateway attachment' button.


Once the Transit Gateway Attachment has been created, the next step is to ensure that the VPC has a default route to the Transit Gateway.

Step 4: Updating the VPC Route Table

When the Transit Gateway Attachment shows a State of "Available" in green, click on 'Route tables' in the left side menu.

This will bring up a screen of route tables.  

Select the Route table for the VPC that will connect to the Graphiant network;  click on the 'Routes' tab at the bottom of the screen.

Click 'Edit routes' at the bottom right of the screen.

Click 'Add route' on the left side of the screen.

Complete the following fields:

  • Under Destination: Enter "0.0.0.0/0" to ensure that the VPC has a default route to the Transit Gateway.

  • Under Target: Select "Transit Gateway" from the drop-down.

    • A new field will appear below; select the Transit Gateway created to access the Graphiant network.

Click 'Save changes'.

Now that the route table is complete with a default route to the Transit Gateway, the next step is to create a Direct Connect Gateway.

Step 5: Creating a Direct Connect Gateway

After the route table is complete with a default route to the Transit Gateway, click the 'Services' tab in the upper left corner.

Select 'Direct Connect' from the main menu.

Select 'Direct Connect gateways' in the left side menu.

Click the orange 'Create Direct Connect gateway' button at the top right.

Complete the following fields:

  • Name: The name of the Direct Connect Gateway

  • Amazon-Side ASN: The desired private Amazon ASN, within the range 64512-65534 or 4200000000-4294967294. If left blank, this field will auto-populate with the first ASN, 64512.

Note:

The Direct Connect ASN cannot be the same as the Transit Gateway ASN.

Click 'Create Direct Connect gateway'.

Once the Direct Connect gateway has been created, the next step is to connect it to the Transit Gateway.

Step 6: Connecting the Transit Gateway to the Direct Connect Gateway

When the Direct Connect gateway has been created and the State shows 'Available' in green, click 'Connections' in the left side menu.

The connection provisioned by Graphiant will be shown here, with a State of "ordering".

Click that Connection's link.

Take note of the VLAN ID.

Note:

The VLAN ID is required for creating the virtual interface (Step 7).

Click 'Accept' to allow the connection.

A modal will appear asking you to confirm that you want to accept the connection. If that is correct, click 'Confirm'.

The connection is now listed as accepted.

Next, the Transit Gateway needs to be associated with the Direct Connect Gateway.

Click on 'Direct Connect gateways' in the left side menu.

Find the Direct Connect gateway created, and click on the gateway.

Click on 'Gateway associations'.

Click on the orange 'Associate gateway' button.

Complete the following fields:

  • Gateways:  Select the Transit Gateway previously created from the drop-down.

  • Allowed prefixes: Enter the prefixes that you want to be advertised from your cloud account into the Graphiant network.

Click 'Associate gateway'.

The Gateway association will now be visible in the Direct Connect gateway screen.

The next step is to create the Virtual Interface.

Step 7: Creating the Virtual Interface

When the Connection has been confirmed and State shows "" in green, click 'Virtual interfaces' in the left side menu.

Click the orange 'Create virtual interface' button at the top right of the screen.

For Virtual interface type, select 'Transit'.

Complete the following fields:

  • Virtual interface name:  The name of the virtual interface.

  • Connection:  From the drop-down, select the connection previously accepted, on which the virtual interface will be provisioned.

  • Virtual interface owner:  Leave this field as "My AWS account".

  • Direct Connect gateway:  From the drop-down, select the Direct Connect gateway previously created, to which the virtual interface will be attached.

  • Virtual Local Area Network (VLAN):  This number is from the screen of the Connection accepted in the previous step.

  • BGP ASN:  The ASN of the BGP Peer;  Graphiant's ASN is 30656.

Click 'Additional settings'.

Graphiant recommends leaving the following fields blank, allowing AWS to populate:

  • Your router peer ip

  • Amazon router peer ip

  • BGP Authentication key

Jumbo MTU:

Be sure to enable this if jumbo frames need to be allowed.

When the above-mentioned fields are completed, click the orange 'Create virtual interface' button in the bottom left.

The Virtual interface will now be available, and the process on the AWS side is complete.
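The values entered in Steps 2 through 7 can be checked against the constraints stated on this page before they are typed into the AWS console. The following is an added example, not Graphiant or AWS code; the `plan` dictionary layout and its key names are hypothetical, the VLAN range is the general 802.1Q range, and the rule that allowed prefixes must sit inside the VPC CIDR is an added assumption to keep advertisements narrow.

```python
import ipaddress

# Private ASN ranges quoted on this page for the Amazon-side ASN fields.
PRIVATE_ASN_RANGES = ((64512, 65534), (4200000000, 4294967294))
GRAPHIANT_BGP_ASN = 30656   # BGP ASN of the Graphiant peer (Step 7)
AWS_JUMBO_MTU = 8500        # largest frame size this page says AWS supports


def is_private_asn(asn):
    return any(low <= asn <= high for low, high in PRIVATE_ASN_RANGES)


def validate_plan(plan):
    """Return a list of problems found in a planned configuration."""
    problems = []
    for key in ("tgw_asn", "dxgw_asn"):
        if not is_private_asn(plan[key]):
            problems.append(f"{key} {plan[key]} is outside the private ASN ranges")
    if plan["tgw_asn"] == plan["dxgw_asn"]:
        problems.append("Transit Gateway and Direct Connect gateway use the same ASN")
    if plan["peer_asn"] != GRAPHIANT_BGP_ASN:
        problems.append(f"peer_asn should be {GRAPHIANT_BGP_ASN}")
    if not 1 <= plan["vlan"] <= 4094:
        problems.append(f"vlan {plan['vlan']} is not a valid 802.1Q VLAN ID")
    if plan["mtu"] > AWS_JUMBO_MTU:
        problems.append(f"mtu {plan['mtu']} exceeds {AWS_JUMBO_MTU}")
    vpc_nets = [ipaddress.ip_network(c) for c in plan["vpc_cidrs"]]
    for prefix in plan["allowed_prefixes"]:
        try:
            net = ipaddress.ip_network(prefix)  # strict: host bits must be zero
        except ValueError as exc:
            problems.append(f"allowed prefix {prefix!r} is invalid: {exc}")
            continue
        # Assumption (not a rule from the page): advertise only address
        # space that belongs to the attached VPC.
        if not any(net.version == v.version and net.subnet_of(v) for v in vpc_nets):
            problems.append(f"allowed prefix {prefix} is not inside any VPC CIDR")
    return problems


# Constructed sample values, not taken from a real account.
SAMPLE_PLAN = {
    "tgw_asn": 64512, "dxgw_asn": 64512, "peer_asn": 30656, "vlan": 312,
    "mtu": 8500, "vpc_cidrs": ["10.20.0.0/16"],
    "allowed_prefixes": ["10.20.0.0/16", "0.0.0.0/0", "10.20.1.5/24"],
}

if __name__ == "__main__":
    for problem in validate_plan(SAMPLE_PLAN):
        print("PROBLEM:", problem)
```

The sample plan leaves both ASN fields at the default of 64512, which is the collision the notes in Steps 2 and 5 warn about.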

The next step is to communicate to Graphiant with the information necessary to enable the BGP Peer connection to the Graphiant Core and complete the provisioning of the gateway service.

Provide information to Graphiant for Provisioning the Gateway Service

The fields below are needed by Graphiant:

  • 'Amazon side ASN'

  • 'BGP Authentication Key'

  • 'Your router peer IP'

  • 'Amazon router peer IP'

Provide these fields to the Graphiant Customer Support engineer.

Optionally, if a downloaded file is preferred, click 'Actions' at the top right, then choose 'Sample configuration' from the drop-down.

This is simply a way to have the above-mentioned fields in a file for the Graphiant Customer Support engineer. The options can therefore be selected however desired, as the information within the file is all that they need.

Click 'Download'.

Provide this file to the Graphiant Customer Support engineer.

Graphiant Provisions the Gateway Service

The Graphiant Customer Support engineer will enable the BGP Peer connection to the Graphiant Core and complete the provisioning of your Gateway Service.

The AWS portal will now show the BGP status of "UP" in green.

In the Graphiant Portal, the 'Gateway Status' for your Gateway Service will change to "Live" and it will be ready to use.

Note:

The status of "Live" is an indicator that the Gateway has been provisioned.  It does not reflect the current status of the connection.
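Because "Live" only indicates provisioning, the state of the BGP session has to be read from the AWS side. The following is an added example, not Graphiant or AWS code: it evaluates a response shaped like the Direct Connect DescribeVirtualInterfaces API output, and the interface name and sample response are constructed for illustration.

```python
GRAPHIANT_BGP_ASN = 30656  # BGP ASN of the Graphiant peer, as given on this page


def check_transit_vif(response, vif_name):
    """Return a list of findings for one transit virtual interface.

    `response` has the shape returned by the Direct Connect
    DescribeVirtualInterfaces API. The authentication key is checked for
    presence only and is never copied into a finding.
    """
    vifs = [v for v in response.get("virtualInterfaces", [])
            if v.get("virtualInterfaceName") == vif_name]
    if not vifs:
        return [f"virtual interface {vif_name!r} not found"]
    vif, findings = vifs[0], []
    if vif.get("virtualInterfaceType") != "transit":
        findings.append(f"type is {vif.get('virtualInterfaceType')!r}, expected 'transit'")
    if vif.get("virtualInterfaceState") != "available":
        findings.append(f"interface state is {vif.get('virtualInterfaceState')!r}")
    peers = vif.get("bgpPeers", [])
    if not peers:
        findings.append("no BGP peers configured")
    for peer in peers:
        label = f"peer {peer.get('customerAddress')}"
        if peer.get("asn") != GRAPHIANT_BGP_ASN:
            findings.append(f"{label}: ASN {peer.get('asn')} is not {GRAPHIANT_BGP_ASN}")
        if peer.get("bgpStatus") != "up":
            findings.append(f"{label}: BGP session is {peer.get('bgpStatus')!r}")
        if not peer.get("authKey"):
            findings.append(f"{label}: no BGP authentication key set")
    return findings


# Constructed response for illustration; not output from a real account.
SAMPLE_RESPONSE = {"virtualInterfaces": [{
    "virtualInterfaceName": "graphiant-transit-vif",
    "virtualInterfaceType": "transit",
    "virtualInterfaceState": "down",
    "bgpPeers": [{"asn": 30656, "bgpStatus": "down",
                  "customerAddress": "169.254.10.2/30",
                  "authKey": "constructed-placeholder"}],
}]}

if __name__ == "__main__":
    for finding in check_transit_vif(SAMPLE_RESPONSE, "graphiant-transit-vif"):
        print("FINDING:", finding)
```

Against a live account, the same function can be given the result of `boto3.client("directconnect").describe_virtual_interfaces()`.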

Requesting Changes to the Gateway in the Graphiant Portal

Once a Gateway Service has been created you can request changes to it via the Graphiant Portal.  Navigate to the Gateway service page and locate the relevant instance.  Use the action menu to navigate to the 'Configure (read-only)' view.

Click the 'Request Support' button.

This will open up a modal to provide details of what changes you would like to make to your Gateway service.  

Once you click 'Submit', a request will be created for the Graphiant Customer Support team to make the requested changes to your Gateway service.