
Site to Site VPNs with VPC peering connections

0

Hi,

I have 2 VPCs (VPC A and VPC B) in 2 different regions connected through VPC peering. Each VPC has a public subnet and a private subnet. Our services reside in the private subnets. I also created 2 VPNs (1 for each VPC) that connect to the same customer gateway device in the office, following the suggestion in this article (https://repost.aws/articles/ARy1NuLZbJQh2vgnZ2BzXxGw/why-can-t-i-connect-to-a-peered-vpc-when-using-an-aws-site-to-site-vpn-connection-that-terminates-on-a-virtual-private-gateway). All 4 VPN tunnels are UP. Now I can ping the services in VPC A from the office, but I am unable to reach the services in VPC B. How should I configure the route tables to reach the services in VPC B?

p.s. We need to keep the VPC peering for other purposes.

Thanks, Pan Hong

1 Answer
3
Accepted Answer

Hello.

Is there a route configured in the route table of VPC B to connect to the office?
Or is route propagation done with BGP?
https://docs.aws.amazon.com/vpn/latest/s2svpn/VPNRoutingTypes.html

If the route table on the AWS side is configured as shown below, I think communication will be possible.

| dest        | target      |
|-------------|-------------|
| VPC A CIDR  | VPC peering |
| VPC B CIDR  | local       |
| Office CIDR | VGW         |

Also, are the inbound rules of the security group on the resource you are connecting to (such as the EC2 instance) configured to allow access from the office network?

EXPERT
answered 2 years ago
  • It works. Thanks Riku. We're not using BGP.
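As an added example (not code from the poster or the answerer), the following Python check applies the answer's expected route table to a boto3-style route list for VPC B, resolving each destination with longest-prefix matching the way the VPC router does. All CIDRs and resource IDs are constructed placeholders.

```python
import ipaddress

# Constructed placeholders, not the poster's real values.
VPC_A_CIDR = "10.1.0.0/16"
VPC_B_CIDR = "10.2.0.0/16"
OFFICE_CIDR = "192.168.0.0/24"

# Route entries in the shape boto3 describe_route_tables() returns, for VPC B's private subnet.
# This table has the peering route but no route for the office, so replies to office hosts
# fall through to the default route instead of VPC B's own virtual private gateway.
VPC_B_ROUTES_BEFORE = [
    {"DestinationCidrBlock": VPC_B_CIDR, "GatewayId": "local"},
    {"DestinationCidrBlock": VPC_A_CIDR, "VpcPeeringConnectionId": "pcx-0123456789abcdef0"},
    {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-0123456789abcdef0"},
]
# The same table with the entry the answer calls for: office CIDR -> VGW (static, no BGP).
VPC_B_ROUTES_AFTER = VPC_B_ROUTES_BEFORE + [
    {"DestinationCidrBlock": OFFICE_CIDR, "GatewayId": "vgw-0123456789abcdef0"},
]

TARGET_KEYS = ("GatewayId", "VpcPeeringConnectionId", "NatGatewayId",
               "TransitGatewayId", "NetworkInterfaceId", "InstanceId")

def route_target(route):
    """Return the target of a route entry ('local', 'vgw-...', 'pcx-...', 'nat-...')."""
    return next((route[k] for k in TARGET_KEYS if k in route), None)

def longest_prefix_match(routes, destination):
    """Select the most specific route whose CIDR covers `destination`; None if no route matches."""
    dest = ipaddress.ip_network(destination, strict=False)
    best = None
    for route in routes:
        net = ipaddress.ip_network(route["DestinationCidrBlock"])
        if net.version == dest.version and dest.subnet_of(net):
            if best is None or net.prefixlen > best[0]:
                best = (net.prefixlen, route)
    return best[1] if best else None

def missing_routes(routes):
    """Compare the table with the answer's expected entries; return one line per mismatch."""
    expected = {VPC_B_CIDR: "local", VPC_A_CIDR: "pcx-", OFFICE_CIDR: "vgw-"}
    problems = []
    for cidr, prefix in expected.items():
        route = longest_prefix_match(routes, cidr)
        target = route_target(route) if route else None
        if target is None or not target.startswith(prefix):
            problems.append(f"{cidr}: expected target matching '{prefix}', got {target}")
    return problems

if __name__ == "__main__":
    for label, table in (("before", VPC_B_ROUTES_BEFORE), ("after", VPC_B_ROUTES_AFTER)):
        print(label, missing_routes(table) or "route table matches the answer")
```

Run against a real table, the same function takes the `Routes` list from `describe_route_tables()` for the private subnet of VPC B; a non-empty result names the destination whose traffic is being sent somewhere other than the answer's table says it should.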
