AWS VPC - Region to Region

Re: AWS VPC - Region to Region

Post by dajhorn » Fri Nov 07, 2014 12:15 am

In most cloud environments like AWS, only direct UDP and TCP connections work as expected. L2 bridging, ICMP, and anything with an unusual protocol number are not [reliably] carried by the virtual network.

The best solution is usually:

1. Never change eth0 in a virtual machine hosted at any of the major cloud vendors.
2. Put all VPN traffic through a tap interface created by SoftEther.

When I last checked, neither EC2 nor Azure permitted L3 routing through any gate on the eth0 segment except as specified in the DHCP lease. Azure, in particular, has way more intelligence in its network fabric layer than you might assume, such that it is better to think of eth0 as a fancy emulation instead of a virtual device.
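An added example, not part of the original post: a shell check that reads `ip -o link show` output and reports whether a host follows the two rules above (eth0 left untouched, a separate tap device present). It assumes the primary NIC is named eth0 (overridable) and that SoftEther's Linux tap devices carry the `tap_` prefix; the sample link lines are constructed.

```shell
#!/bin/sh
# Added example (not from the original post): audit `ip -o link show` output
# for the layout recommended above. Assumptions: the primary NIC is eth0
# (override with $1) and SoftEther tap devices carry the tap_ prefix.

# Constructed sample: eth0 untouched, VPN traffic on a separate tap device.
GOOD_LINKS='1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9001 qdisc mq state UP mode DEFAULT
3: tap_vpn: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN mode DEFAULT'

# Constructed sample: eth0 enslaved to a bridge together with the tap device.
BAD_LINKS='2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9001 qdisc mq master br0 state UP mode DEFAULT
3: tap_soft: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master br0 state UNKNOWN mode DEFAULT
4: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT'

# check_layout [iface]: reads link lines on stdin, prints one finding per line.
# Returns 0 when iface is not a bridge/bond member and a tap_* device exists.
check_layout() {
    awk -v iface="${1:-eth0}" '
    {
        # Field 2 is "name:" or "name@peer:"; strip the decoration.
        name = $2; sub(/:$/, "", name); sub(/@.*/, "", name)
        # "master X" appears only when the link is enslaved to X.
        master = ""
        for (i = 3; i < NF; i++) if ($i == "master") master = $(i + 1)
        if (name == iface) {
            seen = 1
            if (master != "") {
                print "FAIL " iface " is enslaved to " master
                bad = 1
            }
        }
        if (name ~ /^tap_/) { taps++; print "OK tap device " name }
    }
    END {
        if (!seen) { print "FAIL " iface " not found in input"; bad = 1 }
        if (taps == 0) { print "FAIL no tap_* device found"; bad = 1 }
        exit (bad ? 1 : 0)
    }'
}

# Live use on a host: ip -o link show | check_layout
```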
