VPC Peering with VPN access

Hi,

Is it possible to enable client VPN access to a peered VPC? I have an SSO VPN which can connect to VPC A (associated with 10.0.0.0/16) and would like to be able to connect to an EC2 in peered VPC B (10.10.0.0/16). This scenario would save the trouble (and costs) of creating a different VPN for each VPC.

Any advice is appreciated (as well as resources pertaining to a potential solution).

Regards

It’s possible, but you’ll need to add a route on your client machine that sends packets for the destination VPC/network to your VPN IP address.

Thanks for the reply! I have to ask though, can I not have the VPN client create this route itself and use split-tunneling? Is it only possible if I manually add a route to 10.10.0.0/16 via the virtual VPN interface?

Just found my answer through a lot of trial and error. You create the peering connection, allow traffic via security group, add the routes to a new routing table, which you apply to the subnet associated with the VPN connection, then add the routes again to the routing table of the VPN. No need to manually add routes on the client VPN machine this way. Gotta love networking…
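The procedure from the last post, written out as AWS CLI calls. This is an added example, not code from anyone in the thread. It assumes an existing Client VPN endpoint associated with a subnet in VPC A, a peering connection that has already been created and accepted, and split tunnel enabled on the endpoint (that is what pushes the endpoint's routes to clients, so no client-side route is needed). All resource IDs are placeholders to override via environment variables; by default the script only prints the commands, APPLY=1 runs them.

```sh
#!/bin/sh
# Added example (not from the thread): wire an existing AWS Client VPN endpoint,
# associated with a subnet in VPC A (10.0.0.0/16), to an EC2 instance in peered
# VPC B (10.10.0.0/16). Every resource ID below is a placeholder; override via env.
# Default is a dry run that prints the commands; APPLY=1 runs them for real.
set -eu

VPC_A_CIDR="${VPC_A_CIDR:-10.0.0.0/16}"
VPC_B_CIDR="${VPC_B_CIDR:-10.10.0.0/16}"
CVPN_ID="${CVPN_ID:-cvpn-endpoint-0123456789abcdef0}" # placeholder endpoint ID
CVPN_SUBNET="${CVPN_SUBNET:-subnet-0aaaaaaaaaaaaaaaa}" # VPC A subnet associated with the endpoint
RTB_A="${RTB_A:-rtb-0aaaaaaaaaaaaaaaa}"                # route table of CVPN_SUBNET
RTB_B="${RTB_B:-rtb-0bbbbbbbbbbbbbbbb}"                # route table of the target subnet in VPC B
PCX="${PCX:-pcx-0cccccccccccccccc}"                    # peering connection, already accepted
SG_B="${SG_B:-sg-0bbbbbbbbbbbbbbbb}"                   # security group on the target instance
SSH_PORT=22

if [ "${APPLY:-0}" = 1 ]; then AWS=aws; else AWS="echo aws"; fi

# Step 1: VPC route tables, both directions. Client VPN source-NATs every client
# to the endpoint ENI's address inside CVPN_SUBNET, so VPC B only needs a return
# route to VPC A's CIDR, never to the client CIDR.
add_vpc_routes() {
  $AWS ec2 create-route --route-table-id "$RTB_A" \
    --destination-cidr-block "$VPC_B_CIDR" --vpc-peering-connection-id "$PCX"
  $AWS ec2 create-route --route-table-id "$RTB_B" \
    --destination-cidr-block "$VPC_A_CIDR" --vpc-peering-connection-id "$PCX"
}

# Step 2: the endpoint's own route table. The target is the associated subnet in
# VPC A; with split tunnel enabled this route is also pushed to connecting
# clients, so nothing has to be added by hand on the client.
add_cvpn_route() {
  $AWS ec2 create-client-vpn-route --client-vpn-endpoint-id "$CVPN_ID" \
    --destination-cidr-block "$VPC_B_CIDR" --target-vpc-subnet-id "$CVPN_SUBNET" \
    --description "peered VPC B"
}

# Step 3: authorization rule. A route with no matching authorization rule is
# silently unreachable. --authorize-all-groups is the broad form; with SSO
# (SAML) groups, prefer --access-group-id <group> to scope who may reach VPC B.
add_cvpn_authz() {
  $AWS ec2 authorize-client-vpn-ingress --client-vpn-endpoint-id "$CVPN_ID" \
    --target-network-cidr "$VPC_B_CIDR" --authorize-all-groups
}

# Step 4: security group on the target instance. Because of the SNAT above, the
# source the instance sees is the endpoint ENI in VPC A, so allow that subnet's
# CIDR (VPC A's CIDR is used here as the placeholder; CVPN_SUBNET's CIDR is tighter).
add_target_sg_rule() {
  $AWS ec2 authorize-security-group-ingress --group-id "$SG_B" \
    --protocol tcp --port "$SSH_PORT" --cidr "$VPC_A_CIDR"
}

# Check: the Client VPN route must show status "active" (it stays "creating"
# or "failed" if the target subnet is not associated with the endpoint).
cvpn_route_status() {
  $AWS ec2 describe-client-vpn-routes --client-vpn-endpoint-id "$CVPN_ID" \
    --query "Routes[?DestinationCidr=='$VPC_B_CIDR'].Status.Code" --output text
}

main() {
  add_vpc_routes
  add_cvpn_route
  add_cvpn_authz
  add_target_sg_rule
  cvpn_route_status
}

main
```

Run it once as a dry run to review the exact commands, then with APPLY=1 and your own IDs exported. The security group rule is the one place to tighten further: reference the endpoint's security group or the associated subnet's CIDR rather than the whole VPC A range, and keep the authorization rule scoped to the SSO group that actually needs VPC B.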