After the creation of the VPN connection, download the VPN configuration for your gateway device, if listed. Otherwise, download the generic configuration since it will contain all the parameters needed. If your gateway was tested by AWS, you can find detailed configuration examples in the AWS Network Administrator Guide. Your gateway might even provide a function to import the AWS configuration directly for auto-configuration.
In case you cannot download a VPN configuration for your gateway and you do not find configuration examples, open the generic configuration file in a text editor and configure your local gateway accordingly. The “Outside IP Address” of the Virtual Private Gateway is the public IP address of AWS your local gateway is connecting to. Typically, you have to set up IKE and IPsec with the given pre-shared key for authentication. Note that the given authentication algorithms as well as the Diffie-Hellman/Perfect Forward Secrecy groups represent a minimal configuration only. We recommend to use at least SHA-256 for authentication (if not combined with the encryption algorithm AES-GCM) and Diffie-Hellman group 14 (MODP 2048).