Connection timeout to certain addresses when using the Client VPN.

Question

Hello, I've been trying to set up a client VPN (with openvpn).
I've taken the time to understand everything, set up the Endpoint, routes, authorization rules and security groups.

When connected to the VPN, I can ping the EC2 instance in my subnet, and I can access google.com and query it which means internet seems to work just fine.

However, when trying to access AWS, youtube or almost anything really, I have a connection timeout.

I've tried to look into logs (they only log the connection initialization and the connection termination), DNS issues (as of now I think it might be the most likeky), security groups (enabled 0.0.0.0/0 inbound and outbound traffic everywhere to try if that was my issue), authorization rules and more.

I don't think this has anything to do with how I configured my VPN as if it was, I wouldn't have any access to the internet, however I do to a certain extent.

I haven't set up any DNS server for my Client VPN Endpoint if that can help,

thanks.

Answer

A good place to start would be to test whether DNS resolution is working for the other internet destinations that are not working. While connected to the CVPN endpoint you can run the commands below on either Linux or windows respectively:

Linux --> sudo dig

Or

Windows --> nslookup

That being said, the recommendation is to set up DNS servers for the CVPN endpoint. For instance you can use the VPC + 2 DNS resolver (VPC CIDR  +2 address)

Connection timeout to certain addresses when using the Client VPN.

Relevant content