I would therefore see about enabling split tunnel on the WireGuard VPN: https://asheroto.medium.com/split-tunneling-in-wireguard-on-windows-e2dfd86d5982
Followed by setting up the SSM private endpoint on the VPC so that split tunnel allows access to SSM as it’s on the local network.
https://docs.aws.amazon.com/systems-manager/latest/userguide/setup-create-vpc.html
You don’t mention if the VPN you were using was to your VPC or some other VPN service/provider.
It sounds like a simple routing issue. If you are using AWS Client VPN you may want to enable split tunnel. To use NICE DCV you need to be able to access the SSM public or private endpoint.
Sounds like when your VPN connects, you lose access to the HTTPS endpoint.
Thanks for the answer, Gary! The VPN connection was established between the EC2 instance and WireGuard, connecting to the client's network. So I guess the second part of your answer doesn't apply, since this refers to a VPN connection between my laptop and the instance, right?
Ah, OK. I suspect the same issue is happening then on the EC2. It also needs to connect to the SSM endpoint. I assume the same thing is happening with the VPN client you are using there too. As soon as the VPN comes up, it drops the connection to SSM and you lose access.
Alright, that sounds like it should work. Just to be clear about the VPC, I just created it because I thought it would help connect to the instance again. Normally I don't use a VPC but connect directly to the instance using the public DNS. Do I need to use a VPC and do the second part of the answer? Also, do you have an idea on how I can connect to the instance again and configure the WireGuard connection? Since the VPN was activated I cannot connect to the instance anymore, since it's automatically connected to the VPN when booting and I don't have a clue what IP I have to use now.
UPDATE: I restored the instance from an older AMI where the VPN was not installed. I followed the article to set up split tunneling, but I am having issues with adding the proxy server to Proxifier. It is asking for an IP address, port and protocol. When using "route print" in PS I see the WireGuard interface, but using this IP with the port 51820 I set in the WireGuard config as listening port won't work. (Using HTTPS protocol). Any idea on this?
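
An added example, not part of the thread or of any poster's configuration: a pre-flight check that reads a WireGuard config and reports whether traffic to a given address (for instance the SSM endpoint) would be captured by the tunnel. It assumes routes are derived from each peer's `AllowedIPs`, as the standard WireGuard clients do; the sample configs, the `192.168.50.0/24` client network and the `203.0.113.10` endpoint address are constructed placeholders.

```python
import ipaddress

# Constructed sample configs (not from the thread); keys, hosts and
# addresses are placeholders chosen for illustration only.
FULL_TUNNEL = """
[Interface]
PrivateKey = <placeholder>
Address = 10.8.0.2/24
ListenPort = 51820

[Peer]
PublicKey = <placeholder>
Endpoint = vpn.example.com:51820
AllowedIPs = 0.0.0.0/0, ::/0
"""

# Split tunnel: only the (assumed) client network is routed into the VPN.
SPLIT_TUNNEL = FULL_TUNNEL.replace("0.0.0.0/0, ::/0", "192.168.50.0/24")


def allowed_networks(conf_text):
    """Collect every AllowedIPs network from all [Peer] sections."""
    nets, section = [], None
    for raw in conf_text.splitlines():
        line = raw.split("#", 1)[0].strip()          # drop comments
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].lower()             # [Peer] may repeat
        elif section == "peer" and "=" in line:
            key, value = (p.strip() for p in line.split("=", 1))
            if key.lower() == "allowedips":
                nets += [ipaddress.ip_network(v.strip(), strict=False)
                         for v in value.split(",") if v.strip()]
    return nets


def goes_through_tunnel(conf_text, destination):
    """True if traffic to `destination` matches a peer's AllowedIPs."""
    addr = ipaddress.ip_address(destination)
    return any(addr.version == net.version and addr in net
               for net in allowed_networks(conf_text))


if __name__ == "__main__":
    for name, conf in (("full", FULL_TUNNEL), ("split", SPLIT_TUNNEL)):
        # 203.0.113.10 stands in for the SSM endpoint's address.
        print(name, "captures SSM endpoint:",
              goes_through_tunnel(conf, "203.0.113.10"))
```

Running the check against the config before enabling the tunnel at boot shows whether the management path to the instance would survive the VPN coming up.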