How can I configure the EC2 instance to accept RDP connections only via VPN?

Question

I'd like to allow the connections to my EC2 instance only if connected to my VPN. I configured the AWS VPN Client correctly and working, then I edited the security group used by my EC2 instance setting an RDP incoming rule that only allows incoming traffic from the range of addresses of my AWS VPN Client. But once connected to the VPN I can't access the instance via RDP with my new assigned address. Where am I wrong?

Accepted Answer

Hi Dbadini - there are a number of potential causes so I'd start by using the reachability analyzer to ensure that you have the correct connectivity in place - https://docs.aws.amazon.com/vpc/latest/reachability/what-is-reachability-analyzer.html.    I'd also continue to troubleshoot through VPN logs and using tools such as netstat, netcat, nmap or telnet to test connectivity to as RDP should only require port 3389.  There are other connection options available if you'd prefer not to use RDP such as Systems Manager Session Manager https://docs.aws.amazon.com/systems-manager/latest/userguide/session-manager.html.  Finally check that the windows server has the correct firewall settings enabled and that you've configured incoming connections correctly server side.  Hope this helps :)

How can I configure the EC2 instance to accept RDP connections only via VPN?

관련 콘텐츠