Questions tagged with VPC Virtual Private Gateway
Lightsail AD DC Site to Site VPN
Having a tough time on this. TL;DR: Want to connect remote office to AD instance via SonicWall AWS VPN and access all the services without having an on-prem DC. It "appears" that this is possible, but I'm not finding all the pieces. Are there guides that I can follow or is this a non-starter?
Lambda in VPC can't access S3
Can't access the S3 file from Lambda in VPC. When trying to access a file in S3 from the Lambda in the VPC, it throws a timeout error. Below is the setup we have done in AWS:
- Created VPC with Private and Public subnets
- Created VPC Endpoints for Private subnets
- Added Lambda (.NET Core 3.1) in VPC with AWS S3 full access
S3 full access has been given to the Lambda, yet it still cannot access the file from S3.
Advice on creating VPC for EC2 to use IPSec connection
I am currently working on the integration of 2 platforms which need to communicate with each other via HTTPS requests. However, one of these platforms' endpoints is only accessible via a VPN into their own network. I therefore want to use AWS to establish an intermediary app that will receive HTTPS communications from platform 1 and send them to platform 2, which is the one behind the VPN.
To this end, I have been looking at documentation on AWS, and it looks like the best solution is to create a VPC on which I'd create a Site-to-Site VPN Connection using IPSec. Then I would create a new EC2 instance on this VPC which I will use to forward requests from platform 1 to platform 2. The questions I have are as follows:
1) Once the IPSec Site-to-Site connection is established, will my EC2 instance (deployed to the same VPC that hosts the Site-to-Site connection) immediately be able to communicate with platform 2, which is behind their VPN, based solely on the fact that it is on the same VPC, or will there be further routing setup required to allow it to communicate via the tunnel established?
2) The VPN we wish to connect to has a process through which they must whitelist any given entities they connect with.
A) They ask for an IPSec Gateway IP; I have looked at the documentation at https://docs.aws.amazon.com/vpn/latest/s2svpn/VPC_VPN.html, and assume this is referring to the IP of what is in the document called the Virtual Private Gateway. I have created a VPG in my VPC but I cannot see an IP address associated with it. Is this something that only appears once the VPG is associated with a Site-to-Site connection (and is no longer in a detached state)?
B) They require the IP addresses of the applications they will be interacting with, which in this case I assume will be my EC2 instance. However, they require a subnet of /29 or higher. How can I enforce that subnet on the EC2 public IPs? When creating a VPC I have the option of specifying the IPv4 CIDR block, however I cannot specify a netmask that is not between /16 and /28.
I'm looking for advice on the above so I can make sure that the solution I wish to undertake with the VPC is not flawed, and that I am on the right track. Any guidance is appreciated.
VPN endpoint (VPC) replace certificate(s)
Hi All, doing some research on how to re-secure the VPN endpoints after a developer left and started threatening for some silly reason. So how can we re-secure the VPN endpoint again, since we have an Amazon self-made cert imported to Certificate Manager? I know theoretically every user should have a unique client cert, but because of time constraints, I don't have time to get it all perfect. Thanks for any suggestions!
Single DC-GW connected to multiple direct-connect links
Hi, can we connect a single Direct Connect Gateway to multiple AWS Direct Connect links available through different regions? I want my VPC in Oregon region to use its hosted Direct Connect in the same region as primary path and hosted Direct Connect in California region as backup path! For example:
- DC link-1 hosted in Oregon region
- DC link-2 hosted in California region
- Both the Direct Connect links should have Hosted/Private Virtual Interface with same Direct Connect Gateway
- Then the DC-GW is associated with VGW(s)
Is this feasible to do?
NiceDCV connection gateway working example?
Are there any complete examples of a NiceDCV connection gateway? I'd like to run the gateway on a bastion host to connect to workstations on a private subnet. It seems the connection gateway configuration *requires* a web-resources url, presumably in case of a web client, but the documentation doesn't indicate how to set it up, or what files to put there.
VPC subnet routing.
We are setting up a site-to-site VPN to a VPC. The VPC has a main subnet and several subnets. For route tables, do we need explicit subnet associations? We are having difficulty getting the VPN and our network to communicate even though the virtual private gateway and site-to-site VPN look fine. Also, how do we trace routing through this configuration, since there are not any hops to see on traceroutes?