Site to Site VPN for Windows EC2 Instance in Private Subnet

0

Hello Everyone,

I am new to AWS and trying to learn new things.

In the first region, I created Openswan in a public subnet to act as the production site.

In the second region, I created a VPC with a private subnet and a VPN with appropriate routes and gateways. Then I created a Linux EC2 instance in the private subnet, and I am able to ping this instance from Openswan. I also created a Windows Server EC2 instance in this private subnet, but now I am not able to ping this Windows Server instance from Openswan. I have tried searching the internet but have not been able to resolve the issue. I am using the same security group for both instances. Not sure what I am missing.

Regards, Nilesh Patel

asked a month ago, 139 views
1 Answer
2
Accepted Answer

Hello.

I think the EC2 Windows server could not be pinged unless the Windows firewall was configured to allow ICMP.
I think the Windows server does not allow ICMP in the Windows firewall by default.
Please try setting to allow ICMP using the method introduced in the blog below.
https://zomro.com/blog/faq/279-kak-razreshit-icmp-pakety-v-windows-server-2022-2019-2016

EXPERT
answered a month ago
EXPERT
Leo K
reviewed a month ago
  • After changing the firewall setting, I am not able to ping Windows EC2 instance. Thank you very much, Riku_Kobayashi.

  • If you are having trouble configuring the settings from the UI, try running the following command from PowerShell.

    PS C:\Users\Administrator> New-NetFirewallRule `
    -Name 'ICMPv4' `
    -DisplayName 'ICMPv4' `
    -Description 'Allow ICMPv4' `
    -Profile Any `
    -Direction Inbound `
    -Action Allow `
    -Protocol ICMPv4 `
    -Program Any `
    -LocalAddress Any `
    -RemoteAddress Any 
    
  • Riku_Kobayashi, my apologies! There is a typo in my previous answer. I was able to ping the Windows EC2 instance after changing the firewall setting. I have RDP access to the instance using Session Manager, so changing the firewall setting wasn't an issue.
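
A narrower variant of the rule posted in the comments, as an added example that is not part of the original thread: it allows only ICMPv4 echo requests (type 8) from the remote site rather than all ICMPv4 from any address, then reads the rule back. The CIDR and the rule name are placeholders chosen for illustration.

```powershell
# Added example, not from the original thread.
# Assumption: $PeerCidr is the network on the Openswan side of the tunnel.
# The value below is a constructed placeholder; replace it with your own.
$PeerCidr = '10.0.0.0/16'
$RuleName = 'ICMPv4-Echo-From-VPN'   # hypothetical rule name

# Show which firewall profiles are enabled and their inbound default,
# so it is clear why ping is dropped before any rule exists.
Get-NetFirewallProfile |
    Select-Object Name, Enabled, DefaultInboundAction

# Create the rule only if it is not already present (safe to re-run).
if (-not (Get-NetFirewallRule -Name $RuleName -ErrorAction SilentlyContinue)) {
    New-NetFirewallRule `
        -Name $RuleName `
        -DisplayName 'ICMPv4 echo request from VPN peer' `
        -Description 'Allow ping only from the remote site' `
        -Profile Any `
        -Direction Inbound `
        -Action Allow `
        -Protocol ICMPv4 `
        -IcmpType 8 `
        -RemoteAddress $PeerCidr | Out-Null
}

# Read the rule back: state, protocol, ICMP type and permitted sources.
$rule       = Get-NetFirewallRule -Name $RuleName
$portFilter = $rule | Get-NetFirewallPortFilter
$addrFilter = $rule | Get-NetFirewallAddressFilter
[pscustomobject]@{
    Name          = $rule.Name
    Enabled       = $rule.Enabled
    Action        = $rule.Action
    Protocol      = $portFilter.Protocol
    IcmpType      = $portFilter.IcmpType
    RemoteAddress = $addrFilter.RemoteAddress
}
```

The instance's security group still has to permit ICMP from the same source range; in this thread it already does, since the Linux instance sharing that group answers ping.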
