Questions tagged with Amazon VPC

AWS VPN Client can not be connected.

AWS VPN Client can not be connected with below logs.

```
2022-08-10 13:21:44.518 +09:00 [DBG] CM processsing: >LOG:1660105304,I,open_tun
2022-08-10 13:21:44.518 +09:00 [DBG] CM processsing:
2022-08-10 13:21:44.518 +09:00 [DBG] 🥶 APPEND line
2022-08-10 13:21:44.518 +09:00 [INF] Begin receive init again
2022-08-10 13:21:44.521 +09:00 [INF] Received bytes: 105
2022-08-10 13:21:44.521 +09:00 [DBG] Message marshalling complete
2022-08-10 13:21:44.521 +09:00 [DBG] CM received: >LOG:1660105304,,CreateFile failed on TAP device: \\.\Global\{5B0DB356-AB62-485C-A071-3537D307D3BB}.tap
2022-08-10 13:21:44.521 +09:00 [DBG] CM processsing: >LOG:1660105304,,CreateFile failed on TAP device: \\.\Global\{5B0DB356-AB62-485C-A071-3537D307D3BB}.tap
2022-08-10 13:21:44.521 +09:00 [DBG] CM processsing:
2022-08-10 13:21:44.521 +09:00 [DBG] 🥶 APPEND line
2022-08-10 13:21:44.521 +09:00 [INF] Begin receive init again
2022-08-10 13:21:44.521 +09:00 [INF] Received bytes: 151
2022-08-10 13:21:44.521 +09:00 [DBG] Message marshalling complete
2022-08-10 13:21:44.521 +09:00 [DBG] CM received: >LOG:1660105304,F,All TAP-Windows adapters on this system are currently in use. >FATAL:All TAP-Windows adapters on this system are currently in use.
2022-08-10 13:21:44.521 +09:00 [DBG] CM processsing: >LOG:1660105304,F,All TAP-Windows adapters on this system are currently in use.
2022-08-10 13:21:44.521 +09:00 [DBG] CM processsing: >FATAL:All TAP-Windows adapters on this system are currently in use.
```

I reinstalled the VPN Client but the error occurs continuously. Laptop brand is Lenovo and OS is Windows. How should I correct this error?

0 answers, 0 votes, 4 views, asked 41 minutes ago

Lambda in private subnet cannot reach DynamoDB

Hi! We are working on a POC related to hardening network security & resources. We used as a model the reference of Building Basic Web Application, link: <https://aws.amazon.com/getting-started/hands-on/build-web-app-s3-lambda-api-gateway-dynamodb/>, where a Lambda invoked from API Gateway posts data into a DynamoDB table.

Here are the changes made:

* The Lambda was set to be inside the VPC and within a private subnet.
* A NAT Gateway was added for internet access and linked to the route table of the private subnet.
* A VPC Gateway endpoint was also added so the communication between the Lambda and DynamoDB can be done through the endpoint instead of over routes. This endpoint has also been added to the route table of the private subnet.

If we take the Lambda out of the VPC and configure it as "NONE" in the VPC settings, it works fine, just as it is supposed to work from the reference previously shared. We created another Lambda, using the "Hello World" template, we added it to the same VPC and it works fine. The problem here is with the Lambda that posts data into a DynamoDB table.

Error message from Lambda: Task timed out.

It seems that the issue is between the communication from Lambda to DynamoDB, since the other Lambda works fine inside the VPC. Any advice? Kindly/please help! Thank you!

![Reference Architecture](https://repost.aws/media/postImages/original/IMig5QmJK6Re-eqxLh5LLYvQ)

1 answers, 0 votes, 33 views, asked a day ago

Connect IOT Core, Kafka Rule to managed Confluent Kafka cluster

I am testing the IOT Core integration to Kafka via the Kafka rule action. The Kafka cluster is a Confluent Managed Kafka in "Confluent Cloud" (which is on AWS, but as a SAS service). The documentation is very sparse on how to connect to external kafka clusters.

* I used the Destination VPN and set up various combinations of EINs with EIP, NAT gateway, Internet Gateway.
* I opened all security groups in and out with no blocking.
* I verified routes are routing external traffic through the IGW.
* I used the Accessibility tool in VPC to verify that end to end, the IGW and IOT ENIs were accessible to each other (yes).
* I verified via a test java program that the kafka cluster is publicly reachable (via laptop).
* I verified the same in an EC2 instance in the VPC.
* I used VPC flow logs and see traffic in and out of VPN on the kafka port to the correct IP addresses.
* On kafka side, verified java tests succeeded in posting messages.
* I tested default VPC and a new VPC with no other components - same result.

No matter what I do I get the same error and no messages in kafka. Configuration is using SASL_SSL with PLAIN auth. Secrets are using the SASL plain user/password in secrets.

Error:

```
{
  "ruleName": "KafkaNewDest",
  "topic": "xxxx/iot-user/george",
  "cloudwatchTraceId": "c9b00bd9-473a-f106-b70b-c7d1cca1b0b9",
  "clientId": "iotconsole-dea798d2-833a-4924-97d7-b954e169218c",
  "base64OriginalPayload": "ewogICJjb3VudCI6IDEKfQ==",
  "failures": [
    {
      "failedAction": "KafkaAction",
      "failedResource": "dev.priv.dmm.test",
      "errorMessage": "KafkaAction failed to send a message to the specified bootstrap servers. Topic dev.priv.dmm.test not present in metadata after 1000 ms.. Message arrived on: xxxx/iot-user/george, Action: kafka, topic: dev.priv.dmm.test, bootstrap.servers: pkc-xxxx.us-east-2.aws.confluent.cloud:9092"
    }
  ]
}
```

Any suggestions on what to try next? Odd data point -- using a totally invalid user or password does not change the results. Same error.

1 answers, 0 votes, 15 views, asked 6 days ago