For running a 3rd-party VPN client solution, there are two ways to accomplish it: by using NAT or a routed IP pool.
You can refer to this blog about 3rd-party remote access VPN solutions for the logic and design reference: https://aws.amazon.com/blogs/networking-and-content-delivery/scale-remote-access-vpn-on-aws/
For your case it seems you want to use a routed IP pool, but there is no way to steer traffic to your VPN instance; you need Transit Gateway to help. Check out the details in the above blog.
If you only need to allow VPN clients to initiate traffic to the internet and access AWS internal resources, you can simply try the source-NAT method on your VPN instance: all client traffic is source-NATed to the pfSense ENI in the public subnet. From the VPC traffic-routing point of view, it only sees traffic from the pfSense ENI (including the source-NATed client traffic).
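As an added illustration, not part of the answer above, this is the raw pf syntax for the source-NAT design it describes, as it would look on a FreeBSD-based pfSense instance. The interface name and the address ranges are assumptions constructed for the example; pfSense normally generates these rules itself from its Outbound NAT page, so this shows the equivalent rule rather than something to paste into the GUI.

```pf
# Added example, not from the re:Post answer: outbound source NAT on a pfSense/pf
# VPN gateway in the NAT design described above.
# Assumed names and addresses (constructed for this example):
#   vtnet0        = WAN interface bound to the ENI in the public subnet
#   10.8.0.0/24   = address pool handed out to VPN clients
#   10.0.0.0/16   = the VPC CIDR the clients need to reach
ext_if   = "vtnet0"
vpn_pool = "10.8.0.0/24"
vpc_cidr = "10.0.0.0/16"

# Rewrite the source of every client packet leaving the WAN ENI to the ENI's
# own address. The VPC route tables and the internet gateway then only ever
# see the pfSense ENI address, so no return route for 10.8.0.0/24 is needed
# anywhere in the VPC.
nat on $ext_if inet from $vpn_pool to any -> ($ext_if)

# Let the translated client traffic out (pf translates before it filters, so the
# outbound rule matches the ENI address); keep state so replies are un-NATed.
pass out quick on $ext_if inet from ($ext_if) to any keep state

# Allow the clients into the VPC and the internet from the tunnel side.
pass in quick on ovpns1 inet from $vpn_pool to any keep state
```

With this in place the pfSense ENI can keep the default source/destination check, because every packet it sends carries its own address. The routed IP pool design the answer contrasts it with is the opposite case: client packets leave with 10.8.0.0/24 sources, so the VPC would need a return route for that pool pointing at the instance, which is the steering problem the answer says Transit Gateway solves.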