AWS Client VPN connection and traffic flow handling simplified

Securing AWS Client VPN Access with Google Workspace IDP

How do I provide my Client VPN users with access to AWS resources?

How do I resolve resource records in my private hosted zone using Client VPN?

How does DNS work with my AWS Client VPN endpoint?

How do I associate a target network with a Client VPN endpoint?

I followed [this](https://aws.amazon.com/blogs/compute/a-guide-to-locally-testing-containers-with-amazon-ecs-local-endpoints-and-docker-compose/) guide to set up a local dev env with Docker-compose + local IAM auth. Additionally, I am trying to connect to a resource inside our VPC using the AWS client VPN (split tunnel mode).

When running each of these individually, there are no issues. However, when combining them, the requests being made to the local ECS endpoint for auth (169.254.170/24) is being redirected through the VPN and failing to pull back valid creds. 

Is it possible to keep all 169.254.170/24 traffic local? Is it possible to use a different ip range for the local container?

Client VPN + Local docker-compose amazon-ecs-local-container-endpoints 169.254.170 being routed through VPN

Networking & Content Delivery

Client VPN Endpoint local traffic routing disfunctional

Access services in a VPC through Site to Site VPN with remote office VPN connection

OpenVPN inside AWS Client VPN

AWS Client VPN with split tunnel add default route even though it shouldn't

Client VPN + Local docker-compose amazon-ecs-local-container-endpoints 169.254.170 being routed through VPN

Add your answer

Relevant content