Seeking Guidance on AWS Client VPN Endpoint Connectivity to VPC Subnets


I've successfully set up an AWS Client VPN endpoint and made efforts to establish a connection to both the private and public subnets within my AWS VPC. I've conducted multiple rounds of testing using the Ping command. While I've observed improvements in the results during my subsequent attempts, I believe there's still room for enhancement.

I've taken the initiative to compare my approach with Amazon's VPN "7 steps" tutorial as well as three different YouTube tutorials. Despite this, I find myself uncertain about the specific points that require troubleshooting.

To facilitate connection testing, I've deployed a bastion host and a web server in each private/public subnet.

I'm seeking assistance in identifying any gaps in my setup. If you have any insights or suggestions, I would greatly appreciate your guidance.

Attached images: current diagram, rtbprivate, rtbpublic, bastionhost, privateWebServer


Are you configured to allow ICMP in the EC2 security group?
Also, am I correct in thinking that the subnet that the Client VPN endpoints are tied to is a private subnet?
Try setting the EC2 security group to allow ICMP on the CIDR of the subnet to which the Client VPN endpoint is tied.

Answered 1 year ago
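The check suggested in this answer, as an added example that is not part of the thread or of any AWS tool: given a security group's inbound rules in the shape `aws ec2 describe-security-groups` returns, it reports whether ICMP echo requests from the Client VPN's associated-subnet CIDR are allowed. Client VPN source-NATs client traffic to the associated subnet's ENI addresses, so a rule that only covers the VPN client CIDR pool does not match; all CIDRs and rules below are constructed sample values.

```python
import ipaddress

# Constructed sample inbound rules (IpPermissions) for two security groups.
# Bastion: SSH and ICMP echo from the Client VPN's associated subnet 10.0.1.0/24.
BASTION_SG_INGRESS = [
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "10.0.1.0/24"}]},
    {"IpProtocol": "icmp", "FromPort": 8, "ToPort": -1,
     "IpRanges": [{"CidrIp": "10.0.1.0/24"}]},
]
# Web server: HTTP only, and only from the bastion's security group; no ICMP,
# so pings from the VPN will fail even though SSH-then-curl works.
WEBSERVER_SG_INGRESS = [
    {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
     "IpRanges": [], "UserIdGroupPairs": [{"GroupId": "sg-bastion-placeholder"}]},
]
# "-1" is the "All traffic" rule; it carries no FromPort/ToPort keys.
ALL_TRAFFIC_INGRESS = [{"IpProtocol": "-1", "IpRanges": [{"CidrIp": "10.0.0.0/16"}]}]

ICMP_ECHO_REQUEST = 8  # for ICMP rules, FromPort holds the ICMP type


def _rule_covers_echo(rule):
    """True if an ICMP rule admits echo requests (type 8, or -1 = all types)."""
    return rule.get("FromPort", -1) in (-1, ICMP_ECHO_REQUEST)


def allows_icmp_echo_from(ingress, source_cidr):
    """Return the first rule that lets ICMP echo from source_cidr in, else None.

    source_cidr should be the CIDR of the subnet the Client VPN endpoint is
    associated with, because that is the source address after SNAT.
    """
    src = ipaddress.ip_network(source_cidr, strict=False)
    for rule in ingress:
        proto = rule["IpProtocol"]
        if proto == "icmp" and not _rule_covers_echo(rule):
            continue
        if proto not in ("icmp", "-1"):
            continue
        for ip_range in rule.get("IpRanges", []):
            allowed = ipaddress.ip_network(ip_range["CidrIp"], strict=False)
            if allowed.version == src.version and src.subnet_of(allowed):
                return rule
    return None


if __name__ == "__main__":
    for name, sg in [("bastion", BASTION_SG_INGRESS), ("webserver", WEBSERVER_SG_INGRESS)]:
        hit = allows_icmp_echo_from(sg, "10.0.1.0/24")
        print(f"{name}: ICMP echo from VPN subnet {'allowed' if hit else 'BLOCKED'}")
```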

I think you should show us the current security group policy attached to each EC2 instance.

Did you allow user b's host IP or network range to connect to both EC2 instances?

Answered 1 year ago

Thanks for the reply @shared. Here I share the security group policy for EC2.

Attached images: bastionhost, webserver

Answered 1 year ago

I successfully accessed the web server in the private network by using SSH to the bastion host. While there are a few more connections that still need to be established/tested, I'm pleased with the progress made in these updated versions. Thank you to everyone who provided comments and shared their technical knowledge. Your input has been greatly appreciated.


Answered 1 year ago
