如何允许来自 VPN 的流量访问内部负载均衡器 (AWS)?
[英]How to allow traffic from VPN to access Internal Load Balancer (AWS)?
问题描述
Is it possible to allow traffic from a Customer Gateway to access an Internal Application Load Balancer directly?
是否可以允许来自客户网关的流量直接访问内部应用程序负载均衡器? I can access the Internal ALB via ec2 instances inside the VPC, however I would like to access it from my network.我可以通过 VPC 内的 ec2 实例访问内部 ALB,但是我想从我的网络访问它。
I have set up a VPG, and attached this to the VPC via the Routes, according to these instructions https://medium.com/@nZenitram/connecting-an-aws-vpc-to-your-vpn-from-the-cloud-to-the-colo-ed1f2985ccf1 .我已经设置了一个 VPG,并根据这些说明通过路由将其附加到 VPC https://medium.com/@nZenitram/connecting-an-aws-vpc-to-your-vpn-from-the-云到 colo-ed1f2985ccf1 。 But I still can not access the Internal ALB directly.但是我仍然无法直接访问内部 ALB。
Is there a way to make this happen?有没有办法做到这一点? If so, how?如果是这样,如何?
2 个解决方案
解决方案1
1 2020-03-09 17:06:02
Yes definitely.当然是。 Can you access other resources?您可以访问其他资源吗? I would start by figuring out if you can access the ILB by IP address.我首先要弄清楚您是否可以通过 IP 地址访问 ILB。 Can you do a DNS lookup on the ILB name?您可以对 ILB 名称进行 DNS 查找吗?
解决方案2
1 已采纳 2020-03-09 17:20:35
As @KyleM mentioned, yes it is absolutely possible.正如@KyleM 所提到的,是的,这是绝对可能的。 Another thing to watch out for is that your local machine gets a VPC IP assigned when you log on and you need to open up the LBs security group to the CIDR that the VPN uses.另一件需要注意的事情是,当您登录时,您的本地计算机会获得分配的 VPC IP,并且您需要将 LB 安全组打开到 VPN 使用的 CIDR。 Also, can you access other private resources inside the VPC through the VPN, such as an EC2 instance in a private subnet?另外,您是否可以通过 VPN 访问 VPC 内的其他私有资源,例如私有子网中的 EC2 实例?
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.