I have a working Fortinet AWS Marketplace VM that can route packets through a VPN.
I'm trying to set up a second VM, with a different VPN solution.
So, I'm trying to ping 10.1.1.1.
I have a test VM in the same AWS subnet. I force a route for 10.1.1.1 through the first (Fortinet) VM, set up packet capture, and do a test ping.
Packet capture shows that it sees the ping packets.
I change the route to point to the new VM. I copied the security group used by the Fortinet VM to the new VM. Set up packet capture via tcpdump.
Packet capture shows the packets if I ping the VM itself. But when I try to ping 10.1.1.1... nothing.
What am I missing here??
I know that GCP has a special magical "let this VM route packets" setting for its VMs that is needed in this type of situation, but I haven't found anything like that for AWS. Is it hiding somewhere unexpected?
Thank you so much! That was it.