Why Can't I Associate Multiple Client VPN Endpoints in the Same Availability Zone?

I'm using mutual certificate based authentication to quarantine off portions of my VPC to different users. Therefore, I have to have multiple Client VPN Endpoints. Can AWS only handle 1 Client VPN Endpoint per AZ the same VPC, even if they're on different subnets?

Example:
Client VPN Endpoint 1 is associated with Subnet 1 on us-east-1a
Client VPN Endpoint 2 is associated with Subnet 2 on us-east-1a

However, AWS will not let me do this -

トピック

ネットワークとコンテンツ配信 DevOps

タグ

Amazon VPC ネットワークとコンテンツ配信 DevOps 在庫状況 AWS Virtual Private Network (VPN)

言語

English

rePost-User-4132807

質問済み 2年前810ビュー

1回答

新しい順
投票が多い順
コメントが多い順

承認された回答

At this moment you cannot associate multiple subnets from the same Availability Zone with a Client VPN endpoint. You can associate multiple subnets with a Client VPN endpoint for high availability. All subnets must be from the same VPC. Each subnet must belong to a different Availability Zone.

Refer Limitations and rules of Client VPN section - https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/what-is.html

エキスパート

AWS-User-Nitin

回答済み 2年前

エキスパート

Oleksii Bebych

レビュー済み 14日前

rePost-User-4132807
2年前
Can I associate multiple different VPN endpoints within different subnets within the same AZ? This is what is not working, but the docs are not clear.
AWS-User-Nitin エキスパート
2年前
The document calls out in the limitations here https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/what-is.html#what-is-limitations. Also is mentioned over here https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/cvpn-working-target.html

"If you associate more than one subnet with a Client VPN endpoint, each subnet must be in a different Availability Zone. We recommend that you associate at least two subnets to provide Availability Zone redundancy."

Why Can't I Associate Multiple Client VPN Endpoints in the Same Availability Zone?

関連するコンテンツ