For running a 3rd party VPN client solution, there are 2 ways to accomplish it: by using NAT or a Routed IP Pool.
You can refer to this blog about 3rd party remote access VPN solutions for the logic and design reference: https://aws.amazon.com/blogs/networking-and-content-delivery/scale-remote-access-vpn-on-aws/
For your case it seems you want to use a Routed IP Pool, but there is no way to steer traffic to your VPN instance; you need Transit Gateway to help. Check out the details in the above blog.
If you only need to allow VPN clients to initiate traffic to the internet and access AWS internal resources, you can simply try to use the source-NAT method on your VPN instance: all client traffic is source-NATed to the pfSense ENI in the public subnet. From the VPC traffic routing point of view, it only sees traffic from the pfSense ENI (including source-NATed client traffic).
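An added illustration of the source-NAT approach described in this answer (not part of the original post, and not pfSense project code): the equivalent raw pf rules on the pfSense instance. The client pool 10.8.0.0/24 and the interface name xn0 are constructed assumptions.

```pf
# Constructed values: the VPN client pool and the pfSense interface (ENI) in the public subnet.
vpn_pool = "10.8.0.0/24"   # addresses handed out to VPN clients (constructed)
wan_if   = "xn0"           # interface bound to the public-subnet ENI (name assumed)

# Source-NAT approach: rewrite every client source address to the WAN ENI address,
# so VPC route tables only ever see traffic sourced from the pfSense ENI and no
# VPC route for the client pool is required.
nat on $wan_if from $vpn_pool to any -> ($wan_if)

# Outbound filter rules on $wan_if are evaluated after translation, so the
# translated client traffic is matched by the ENI address, not the pool.
pass out on $wan_if from ($wan_if) to any keep state

# Routed IP Pool approach (for comparison): omit the nat rule above. The pool then
# appears as a source inside the VPC, so the VPC needs a route for $vpn_pool that
# points at the pfSense ENI (with source/destination check disabled on that ENI);
# as the answer notes, steering traffic across VPCs this way needs Transit Gateway.
```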