fix(vpn): statuses

Author: RoRoJ

pages/site-to-site-vpn/reference-content/statuses.mdx

@@ -43,7 +43,8 @@ This section explains the different statuses possible for a connection, and how
 
 | **Status**             | **Description**                         | 
 |------------------------|-----------------------------------------|
-| **Active**             | The connection has been created, and the BGP session(s) between the two gateways are both up. Traffic can flow through the connection's tunnel(s). |
+| **Ready**             | The connection has been created and is ready to connect. The tunnel(s) cannot be established because the customer gateway device is not yet successfully configured. |
+| **Active**             | The connection has been created, and all expected BGP session(s) between the two gateways are up. Traffic can flow through the connection's tunnel(s). |
 | **Limited connectivity**   | The connection has been created, but IP connectivity is limited. This may be the case if the connection has both an IPv4 and an IPv6 routing policy attached, but only one of the two associated BGP sessions is up.|
-| **Down**       | The connection has been created, but either a) the customer gateway device is not yet successfully configured and the tunnel(s) cannot be established, or b) no BGP sessions (neither IPv4 not IPv6) are up, and without route announcements no traffic can flow through the tunnel.|
+| **Down**       | The connection has been created, but no BGP sessions (neither IPv4 not IPv6) are up, and without route announcements no traffic can flow through the tunnel.|
 | **Locked**             | The connection has been locked by the Trust and Safety team. You cannot carry out any actions on the connection. Open a support ticket. |

pages/site-to-site-vpn/reference-content/understanding-s2svpn.mdx

@@ -69,11 +69,13 @@ The ASN must be different to Scaleway's ASN (12876). This means you cannot use S
 
 By default, when you create a VPN connection, all routes across it are blocked. You must create and attach a routing policy for the connection, which sets filters for the IP prefixes to allow.
 
+A VPN connection must have a **minimum of one** and a **maximum of two** attached routing policies, one for each IP traffic type to be routed (IPv4 and/or IPv6).
+
 A routing policy has the following properties, which you can customize when you create the policy:
 
 - **Region**: The geographical location in which the routing policy is created. It must be in the same region as the other Site-to-Site VPN resources (VPN gateways, customer gateways, connections) that you want to use it with.
+- **Traffic type**: IPv4 or IPv6. If a VPN connection is to support both IPv4 and IPv6 traffic, it needs one routing policy per traffic type.
 - **Name** and (optionally) **tags**: A name and tags to identify the policy.
-- **Traffic type**: Defines whether this policy will cover IPv4 traffic or IPv6 traffic. VPN connections supporting both types of traffic need two separate routing policies: one for IPv4 and one for IPv6.
 
 You can whitelist multiple **outgoing routes** and multiple **incoming routes** per policy.
 
@@ -96,10 +98,10 @@ A connection has the following properties, which you can customize when you crea
       - IPv6 tunnel: If both gateways have a public IPv6 address
       - IPv4 and IPv6 tunnels: If both gateways have a public IPv4 and a public IPv6 address.
 
-- **Traffic types** and **routing policy**: The traffic types (IPv4 and/or IPv6) that the VPN tunnel(s) should be able to route. For each traffic type, an associated routing policy must be specified (see [above](#routing-policy)).
+- **Routing policy(ies)**: For each traffic type (IPv4 and/or IPv6) to be routed over the connection, an associated routing policy must be attached (see [above](#routing-policy)).
 
     <Message type="tip">
-    IPv6 traffic can travel through a tunnel established between two public IPv4 addresses, and vice versa. You can still choose to route both types of traffic over your VPN connection, even if it only has one VPN tunnel. 
+    IPv6 traffic can travel through a tunnel established between two public IPv4 addresses, and vice versa. You can still attach an IPv4 and an IPv6 routing policy to your VPN connection to allow routing of both types of traffic, even if it only has one VPN tunnel established between one type of public IP. 
     <br/><br/>
     Having both types of public IP for both gateways types increases redundancy by providing two tunnels per connection, but it is not this in itself which determines the traffic types which can be routed.
     <br/><br/>
@@ -128,7 +130,7 @@ Your customer gateway device is a real physical or software-based networking dev
 Scaleway cannot configure your device for you. In order to successfully complete the setup of your Site-to-Site VPN, you must configure the device yourself. You will need the following information, which is available from the API:
 
 - **Public IP address(es) of the VPN gateway**: The IPv4 address, IPv6 address, or both, that you configured when creating the VPN gateway.
-- **Scaleway ASN**: 12876 (TODO CHECK)
+- **Scaleway ASN**: 12876
 - **Pre-shared key**: Auto-generated for you upon creation of the connection, and stored in Scaleway Secret Manager
 
 You also need to set up route announcements and filters on the customer side. For this, you will need the following information: