Hello, there are a lot of tests that can be done here. Also, propagation should not be an issue here. The best approach would be to track the flow of the traffic from on-premise to the AWS environment you are trying to reach. Once the flow is established and the path is mentioned, do the hop-by-hop tests and check where the traffic is getting dropped. Considering VPC/CVPN endpoint routing is correct and the rules for SG/NACL are correctly added on the EC2 and CVPN endpoint, you also need to add the routing on your on-premise end and verify.
If possible, ping the gateway and see if the packet is reaching the gateway. Also collect bi-directional traceroute/MTR (TCP-based) and check at which hop the traffic is being blocked.
Based on the above assumptions, I strongly feel there could be iptables rules that would be blocking the traffic or any intermediate device. Let us do the hop-by-hop analysis and see if the hop can be isolated.
Else, the best bet would be to reach out to AWS Premium Support, since they will have access to the internal tooling and can help additionally by checking the instance and endpoint level details.
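
The hop-by-hop isolation described in this answer, as an added example that is not part of the original post: it reads `mtr --report` text from each direction and reports where responses stop for good, ignoring loss at an intermediate hop when later hops still answer (typically rate limiting, not a drop). The sample reports, addresses and port 443 are constructed assumptions.

```python
import re

# Constructed sample reports, e.g. from: mtr --report --tcp --port 443 --no-dns <target>
FORWARD = """\
HOST: onprem-host                 Loss%   Snt   Last   Avg  Best  Wrst StDev
  1.|-- 192.0.2.1                  0.0%    10    0.4   0.5   0.3   0.8   0.1
  2.|-- 192.0.2.254               60.0%    10    1.2   1.3   1.0   1.9   0.3
  3.|-- 198.51.100.7               0.0%    10    8.1   8.4   7.9   9.2   0.4
  4.|-- ???                       100.0    10    0.0   0.0   0.0   0.0   0.0
  5.|-- ???                       100.0    10    0.0   0.0   0.0   0.0   0.0
"""

REVERSE = """\
HOST: ec2-host                    Loss%   Snt   Last   Avg  Best  Wrst StDev
  1.|-- 10.0.0.1                   0.0%    10    0.3   0.4   0.3   0.6   0.1
  2.|-- ???                       100.0    10    0.0   0.0   0.0   0.0   0.0
  3.|-- 198.51.100.7               0.0%    10    8.0   8.3   7.8   9.0   0.4
  4.|-- 192.0.2.10                 0.0%    10    8.6   8.9   8.2   9.9   0.5
"""

# Hop line: "  3.|-- host   0.0%   10 ..."; mtr may print "100.0" without "%".
HOP_RE = re.compile(r"^\s*(\d+)\.\|--\s+(\S+)\s+([\d.]+)%?\s+\d+")

def parse_report(text):
    """Return [(hop_number, host, loss_percent)] from mtr report text."""
    hops = []
    for line in text.splitlines():
        m = HOP_RE.match(line)
        if m:
            hops.append((int(m.group(1)), m.group(2), float(m.group(3))))
    return hops

def isolate_drop(text):
    """Return (last_responding_hop, first_silent_hop), or None when the
    final hop answered (the path is open in this direction)."""
    hops = parse_report(text)
    if not hops:
        raise ValueError("no hop lines found in report")
    if hops[-1][2] < 100.0:
        return None
    i = len(hops)
    while i > 0 and hops[i - 1][2] >= 100.0:  # walk back over the silent tail
        i -= 1
    last_ok = hops[i - 1] if i > 0 else None
    return last_ok, hops[i]

if __name__ == "__main__":
    print("forward:", isolate_drop(FORWARD))
    print("reverse:", isolate_drop(REVERSE))
```

In the forward sample the device to inspect is whatever sits immediately after hop 3; the 60% loss at hop 2 is not the drop point because hop 3 answers cleanly.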
I looked, but none of the source/destination selections appeared to be anything with the VPN client from a user.