I need to route certain traffic via site-to-site VPN. This trivial thing doesn't work for me in AWS, while works fine in my test on-prem environment. For instance: - I need to route traffic to 111.111.111.111/32 via 10.10.10.11 - I tried both adding this route to 10.10.10.10, and adding it into the VPC routing table - no results. I.e. I. don't see packets to 111.111.111.111 coming to 10.10.10.11. (I checked both using network sniffer on 10.10.10.11 and using AWS Flow logs). Any ideas? TIA, Vitaly

How to add custom route via EC2?

I need to route certain traffic via site-to-site VPN. This trivial thing doesn't work for me in AWS, while works fine in my test on-prem environment. For instance:

I need to route traffic to 111.111.111.111/32 via 10.10.10.11
I tried both adding this route to 10.10.10.10, and adding it into the VPC routing table - no results. I.e. I. don't see packets to 111.111.111.111 coming to 10.10.10.11. (I checked both using network sniffer on 10.10.10.11 and using AWS Flow logs).

Any ideas? TIA, Vitaly

주제

네트워킹 및 콘텐츠 전송 컴퓨팅

태그

아마존 VPC 아마존 EC2

언어

English

vitaly_il

질문됨 2년 전1391회 조회

2개 답변

최신
최다 투표
가장 많은 댓글

You should do this by routing to an AWS object that has the IP... i.e. the eni-XXXX that has the 10.10.10.11 IP assigned to it.

AWS route tables need to point objects like ENIs, TGWs, PCXs and not IP addresses.

Isaac Behrens

답변함 2년 전

vitaly_il
2년 전
Thank you - I used ENI into VPC routing table. In fact, I found the issue - it was the default "Source/dest. check" == True in the ENI of my VPN box.

I found the issue - it was the default "Source/dest. check" == True in the ENI of my VPN box.

vitaly_il

답변함 2년 전

How to add custom route via EC2?

관련 콘텐츠