cannot ping from 2 vpcs both connect to a vpc using vpn site to site connection
here is my situation : i have one vpc (aws side -virginia-) with 10.1.0.0/16 it has a vgw attached to it , and 2 vpn connection (showing up) : 1- with 10.2.0.0/16(ohio) , i can ping from it to 10.1.0.129 2- with 10.3.0.0/16(california) , i can ping from it to 10.1.0.129
i want to ping from 10.2.0.0/16 to 10.3.0.0/16 using the vpn connection (the routing table in 10.2.0.0 has 2 lignes the local and one for the internet gateway- same as 10.3.0.0) .
hope this is a detailed explanation of my problem . thank you .
security groups :
vpc 1 (aws side- virginia) :
vpc 2 (10.2.0.0/16- ohio) :
vpc 1 (10.3.0.0/16- california) :
- Newest
- Most votes
- Most comments
If you want to ping/route between 2 VPC's then they need to be able to connect to each other. Based on your Route table descriptions you do not have any routes between the VPC's
Have you setup VPC peering or TGW? If so, you are going to need routes in your tables on both VPC's
Did you check the security groups in all 3 vpcs: are they identical? You should make sure that they allow ICMP protocol (ping) both in inbound and outbound rules.
the security groups all allow icmp traffic , i updated the post and added sreenshots of security groups !
Relevant content
- asked 8 months ago
- Accepted Answerasked 4 years ago
AWS OFFICIALUpdated a year ago- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 8 months ago
if i setup the vpc peering the vpn connection will be useless , i want the vgw to forward traffic from 10.2 to 10.3 and vise versa , should add in the routing table of vpc2 (10.2) somthing related to vpc3 (10.3) because even tho there nothing in the routing table of vpc2 related to the vpn tunnel connection with vpc1 , im able to ping
Afraid that’s not a VGW is designed for.
What you may want to do is have a separate vpc ina cereal network account with your VPGW, VPn and peering with transit gateway. Then your vpcs attach to the transit gateway and route via centrally.
Virtual private gateway: A virtual private gateway is the VPN endpoint on the Amazon side of your Site-to-Site VPN connection that can be attached to a single VPC.
Technically a hub and spoke and well a
How does vpc1 and vpc2 route with each other?
vpc1 has a vpc connection with vpc2 (same as vpc1 and vpc3) what i want is that the vgw forward packets from vpc2 to vpc3
im wondering since i have vpc 2 and vpc 3 in different regions how can i route them , for exemple if they were in the same regions i would have used in the routing table of vpc2 (if the destination is vpc3 the target will be the vgw) , but they are in different regions ,i need to add the routing between vpc2 and vpc3 i guess , do you think this is the reason ?