Amazon VPC cloud with VPN access to all subnets issue
Posted: Fri Apr 10, 2015 5:12 pm
Hello, I've installed a Debian SoftetherVPN Server. However, there's no access/ping to any other private/public subnets. I've set up a NAT instance to route to the Internet and subnets and it works for all.
Not for the VPN though - it may be a routing/IP/NAT issue, but I have not been able to resolve it for weeks now.
Using OpenVPN with routing to subnets works perfectly, but I LOVE Softether and beg for help to make it work for our Amazon Cloud. We have a couple of offices and VPN is mandatory.
Could anyone please give me a hint on how to fix that?
More details:
Amazon VPC 10.0.0.0/16 with public and private subnets.
Production instances in private subnet 10.0.10.0/24
Development instances in private subnet 10.0.20.0/24
NAT instance in Public subnet 10.0.90.0/24
VPN instance in Public subnet 10.0.80.0/24
DC/DNS/DHCP server 10.0.1.5 - Active directory subnet; scope 10.0.1.20-10.0.1.220
NAT is routing the traffic from private subnets to the Internet
All subnets are accessible and pingable within.
Everything works as it should.
Then I need to provide cloud access for our Internal Domain users. The Debian VPN server is installed and connecting to it is successful. An IP is obtained from virtualDHCP. Then access to the Internet is lost and no access to any of the subnets is granted.
VPN server installed as advised in http://blog.lincoln.hk/blog/2013/05/17/ ... al-bridge/
I just need global remote access to our Cloud and subnet (internal IP) servers.
Am I missing any configuration or have I misconfigured it? Any advice will be highly appreciated.
=====debian Server main Settings=====
VPN Server IP: 10.0.80.254
VPN Client IP Range: 10.0.80.20-10.0.80.200
Tap Device name: tap_soft
# apt-get install dnsmasq
net.ipv4.ip_forward = 1
# sysctl --system
# iptables -t nat -A POSTROUTING -s 10.0.80.0/24 -j SNAT --to-source 10.0.80.254
# apt-get install iptables-persistent
==================
Could anyone shed some light on proper VPN routing within Amazon?
And installing Windows Softether Server in the cloud led to the same limitation.
History: Using Windows SoftetherVPN on local VMWare for years with global access to our internal systems - Fully satisfied!
Thank You