Thursday, November 4, 2021

AWS VPN with VPG question

I am a developer who got stuck with the task of solving this, and this is as far as I got. I am still struggling with the terminology, but here is my best attempt at explaining the issue.

I have an AWS VPN connection with static routes established with a customer, and both tunnels are up. I can also ping a few IPs on their part of the network, and they can ping my EC2 instance on my side.

However, the customer wants to be able to ping the IPs inside the VPN tunnel, my guess is for monitoring, but that does not work:

ping vrf PUBLIC_VPN3 169.254.166.169 source 169.254.166.170
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 169.254.166.169, timeout is 2 seconds:
Packet sent with a source address of 169.254.166.170
.....

Any idea what in AWS is blocking it?

NACL allows all from 0.0.0.0/0 inbound and outbound. There is no firewall.

Please point me in the right direction!
