I was able to use 1 VPN endpoint to access systems on different subnets which are on different VPCs. I followed this: https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/scenario-peered.html
I updated the routes that were listed in the VPN endpoint.
Yes, the Client VPN endpoint is per VPC! You can only associate the subnets in a particular VPC and not subnets from another VPC. When creating the Client VPN endpoint, remember you are asked to select a VPC ID and not VPC IDs. Say if there is a way to associate multiple VPC IDs to a single endpoint, then that would be where you can associate subnets from multiple VPCs, but this is not the case here.
According to https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/cvpn-working-target.html#cvpn-working-target-associate
"If you specified a VPC when you created the Client VPN endpoint, the subnet must be in the same VPC. If you haven't yet associated a VPC with the Client VPN endpoint, you can choose any subnet in any VPC.
All further subnet associations must be from the same VPC. To associate a subnet from a different VPC, you must first modify the Client VPN endpoint and change the VPC that's associated with it."
A peering scenario is different from the question you asked. I wanted to give you that but since it doesn't speak to the original question.
You said: "I'm getting this when I try to associate a subnet from a different VPC: 'Only subnets within an endpoint's attributed VPC can be associated with the endpoint.'"
The Client VPN is still associated to a single VPN and you cannot associate a subnet from a different VPC. However, in a peered scenario, the Client VPN associated subnet can communicate with a peered VPC, which is what this link is pointing out https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/scenario-peered.html
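As an added example (not written by any poster in this thread and not AWS's own code), the sketch below plans the endpoint-side changes for the peered scenario: one route per peered VPC CIDR targeting the subnet already associated in the endpoint's own VPC, plus one authorization rule scoped to that CIDR and a single access group. The function name, every ID and every CIDR are constructed placeholders, and it assumes the peering connection, VPC route tables and security groups are already in place.

```python
import ipaddress
import shlex


def plan_peered_access(endpoint_id, assoc_subnet_id, endpoint_vpc_cidr,
                       client_cidr, peered_cidrs, access_group_id):
    """Build AWS CLI calls (argv lists) that let clients of ONE Client VPN
    endpoint reach peered VPCs through its already-associated subnet."""
    local = ipaddress.ip_network(endpoint_vpc_cidr)
    clients = ipaddress.ip_network(client_cidr)
    if clients.overlaps(local):
        raise ValueError("client CIDR overlaps the endpoint VPC CIDR")
    covered, commands = [local], []
    for cidr in peered_cidrs:
        net = ipaddress.ip_network(cidr)
        if net.prefixlen == 0:
            # A catch-all rule would authorize far more than the peered VPC.
            raise ValueError("refusing a catch-all CIDR; scope to the peered VPC")
        if net.overlaps(clients) or any(net.overlaps(c) for c in covered):
            # Peered VPCs need distinct CIDRs; the endpoint VPC itself
            # already has a local route from the subnet association.
            raise ValueError(f"{cidr} overlaps a range already in use")
        covered.append(net)
        # Route: peered CIDR as destination, the endpoint's own subnet as target.
        commands.append(["aws", "ec2", "create-client-vpn-route",
                         "--client-vpn-endpoint-id", endpoint_id,
                         "--destination-cidr-block", str(net),
                         "--target-vpc-subnet-id", assoc_subnet_id])
        # Authorization rule limited to this CIDR and one group (least privilege).
        commands.append(["aws", "ec2", "authorize-client-vpn-ingress",
                         "--client-vpn-endpoint-id", endpoint_id,
                         "--target-network-cidr", str(net),
                         "--access-group-id", access_group_id])
    return commands


if __name__ == "__main__":
    # Constructed sample values, not taken from the thread.
    plan = plan_peered_access("cvpn-endpoint-EXAMPLE", "subnet-EXAMPLE",
                              "10.0.0.0/16", "172.16.0.0/22",
                              ["10.1.0.0/16", "10.2.0.0/16"], "GROUP-ID-EXAMPLE")
    for argv in plan:
        print(shlex.join(argv))  # review the plan before running anything
```
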