Hi,
I'm not sure if I've entirely understood the question, so please clarify if I've misunderstood.
The actual public IP address of the user's device will be outside the control of AWS, as it'll be controlled by the user's ISP, so could be via DHCP, or some ISPs allow options for a static IP (sometimes at extra cost), so if it's back on the user device I think the user (or company if it's company supplied) would need to talk to their ISP.
If you're asking whether it's possible once terminated inside AWS to make all the users appear from a static public IP then I think the answer to that is yes. You could either do something with NAT gateway, or if you want URL filtering you could put in place Network Firewall or a 3rd party solution via marketplace or build it yourself.
Mark
Hi, I understand you have tried these steps already.
I have reviewed these steps and confirmed it can be a solution to your issue. Following the steps from this article should resolve the issue: Static IP for client VPN

Here is a clarified summary of the steps. The main components needed to establish a static IP for AWS Client VPN are a VPC, a NAT gateway, and a VPN endpoint.

1. Create a VPC with a public and private subnet.
   - During VPC creation make sure “VPC and more” is enabled and NAT gateways is NOT set to “None”, to ensure the successful creation of subnets and NAT gateway.
   - This step should automatically create NAT gateway(s), which assign users a public IP when they access the internet.
2. In the VPC navigation bar create a Client VPN endpoint, then associate the endpoint to the private subnet. (Configuring Endpoint)
3. Check that the route table in the private subnet has a route to the NAT gateway.
   - The route should look like "0.0.0.0/0 : Target Destination (NAT gateway)"
   - Finally you can add the primary public IP address to the security group to allow traffic from the VPN. The primary public IP address can be found in the NAT gateway created in Step 1. If there is no public IP, you can make a new Elastic IP from the VPC navigation bar and attach it to the NAT gateway. (Elastic IPs)
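One way to check the route and find the address to allowlist from CLI output rather than the console, as an added example that is not part of the original answer: it takes JSON in the shape returned by `aws ec2 describe-route-tables` and `aws ec2 describe-nat-gateways`, confirms the private subnet's 0.0.0.0/0 route targets an available NAT gateway, and returns that gateway's public IPs. The function name and every ID and address in the sample are constructed placeholders.

```python
import json

# Constructed sample in the shape of `aws ec2 describe-route-tables` and
# `aws ec2 describe-nat-gateways` output; all IDs and IPs are placeholders.
SAMPLE = json.loads("""
{
  "RouteTables": [
    {"RouteTableId": "rtb-private",
     "Associations": [{"SubnetId": "subnet-private", "Main": false}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-example"}]},
    {"RouteTableId": "rtb-public",
     "Associations": [{"SubnetId": "subnet-public", "Main": false}],
     "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-example"}]}
  ],
  "NatGateways": [
    {"NatGatewayId": "nat-example", "State": "available",
     "NatGatewayAddresses": [{"PublicIp": "203.0.113.10", "IsPrimary": true}]}
  ]
}
""")


def static_egress_ips(subnet_id, route_tables, nat_gateways):
    """Return the NAT gateway public IPs that traffic from subnet_id egresses from."""
    def assoc(rt, pred):
        return any(pred(a) for a in rt.get("Associations", []))
    # An explicit subnet association wins; otherwise the VPC's main table applies.
    table = (next((rt for rt in route_tables
                   if assoc(rt, lambda a: a.get("SubnetId") == subnet_id)), None)
             or next((rt for rt in route_tables
                      if assoc(rt, lambda a: a.get("Main"))), None))
    if table is None:
        raise ValueError(f"no route table found for {subnet_id}")
    default = next((r for r in table["Routes"]
                    if r.get("DestinationCidrBlock") == "0.0.0.0/0"), None)
    if default is None or "NatGatewayId" not in default:
        raise ValueError(f"{table['RouteTableId']}: 0.0.0.0/0 does not target a NAT gateway")
    nat = next((n for n in nat_gateways
                if n["NatGatewayId"] == default["NatGatewayId"]), None)
    if nat is None or nat.get("State") != "available":
        raise ValueError(f"{default['NatGatewayId']} is missing or not available")
    # Primary address first: that is the one to add to the security group.
    addrs = sorted(nat.get("NatGatewayAddresses", []),
                   key=lambda a: not a.get("IsPrimary", False))
    return [a["PublicIp"] for a in addrs if "PublicIp" in a]
```

A `ValueError` for the subnet the Client VPN endpoint is associated with means client traffic is not leaving through the NAT gateway, so it will not appear from the static IP.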
It would be the 2nd one. Make the user appear that they are coming from a static IP. I'll check out those links. Thank you.
If you're happy with the answer would you mind marking it as the accepted answer?
I tried the links, didn't work as expected.