What address should be used to create the customer gateway resource?
The private IP address of the customer gateway device
The MAC address of the NAT device in front of the customer gateway device
The public IP address of the customer gateway device
The public IP address of the NAT device in front of the customer gateway device
Explanations:
The customer gateway device’s private IP address is not routable over the internet. The VPN connection requires a public IP address for communication.
The MAC address of the NAT device is not used for setting up the customer gateway resource, as it is a Layer 2 address and is irrelevant for IP-based communication.
The customer gateway device’s public IP address should be used if it directly connects to AWS, but in this scenario, the device is behind a NAT gateway.
The public IP address of the NAT device should be used because the customer gateway device is behind it. The NAT gateway is responsible for routing the VPN traffic.