问题
I gonna create a secure tunnel from my Office (Static IP) to AWS VPC and then Internet Gateway. I have a VPC, private and public subnets. Office connects to private subnet via VPN tunnel.
How can i route all private (VPN) traffic to public and Internet gateway?
Office <--VPN--> Private subnet <--> Public subnet <--InternetGateway--> Internet
If this is not a good solution, what's the best practice for having a dedicated, simple and secure tunnel from Office to Internet?
回答1:
This is not possible.
Your office VPN connection routes traffic to the Amazon VPC. The target address range should be within the CIDR range of the VPC.
There is no capability for the VPC to 'forward' your traffic through the Internet Gateway.
Traffic originating from the VPC will use the associated Route Table to direct traffic to a NAT or the Internet Gateway, but this is not available via a VPN connection.
来源:https://stackoverflow.com/questions/44480733/tunnel-from-office-to-internet-through-aws-vpc