堆栈内存溢出
  简体   繁体   English

具有 azure vnet 对等互连的 Aws vpn 网关

[英]Aws vpn gateway with azure vnet peering

 原文  2022-06-06 15:24:16       amazon-web-services/ azure/ vpn/ vpc/ vnet

问题描述

I have an AWS vpn gateway connected to Azure VNet in EastUS and it's working ok.我有一个连接到 EastUS 的 Azure VNet 的 AWS vpn 网关,它工作正常。 I want to create another VM in CentralUS so I created another VNet in CentralUS and created VNet peering between this and the EastUS one.我想在 CentralUS 中创建另一个 VM,因此我在 CentralUS 中创建了另一个 VNet,并在该 VM 和 EastUS 之间创建了 VNet 对等互连。 The VNet peering also working but I can't access from my VPC in AWS. VNet 对等也可以工作,但我无法从 AWS 中的 VPC 访问。 I added another static route to the private cidr of CentralUS, but I can't reach it.我向 CentralUS 的私有 cidr 添加了另一条静态路由,但我无法访问它。 Any ideas please?请问有什么想法吗? Not sure what else to do to make it work...不知道还有什么可以让它发挥作用...

1 个解决方案

解决方案1
 0  2022-06-29 13:28:18

• I would suggest you to please check the VM's NSG in that is deployed in Central US for allowed ports and services as you might be accessing the VM in Central US from East US over VPN using RDP or SSH which use port 3389 over TCP and 22 over TCP respectively. • 我建议您检查部署在美国中部的 VM 的 NSG 以获取允许的端口和服务,因为您可能正在使用 RDP 或 SSH 从美国东部通过 VPN 访问美国中部的 VM,这些端口使用 TCP 和 22 上的端口 3389分别通过 TCP。 Thus, kindly check for these ports if they are allowed or not in the AWS VPC as well as in the Azure VM's NSG.因此,请检查这些端口是否在 AWS VPC 以及 Azure VM 的 NSG 中被允许。

• Also, please check if any corporate network Azure policy is not in place for the Central US region regarding deploying Azure resources in that region like VMs and connecting to them . • 此外,请检查是否没有针对美国中部地区的企业网络 Azure 政策,以在该地区部署 Azure 资源(如 VM)并连接到这些资源 You will be able to see the corporate network Azure policy like 'Zero Trust Network Security' if configured that is blocking the access to that VM from East US in network manager's section .您将能够看到企业网络 Azure 策略,如“零信任网络安全”,如果配置为阻止从网络管理器部分中的美国东部访问该 VM

• Check the Public IP address that you have configured in the AWS VPN connection as well as in Azure virtual network gateway along with the configuration file that you have downloaded from the AWS console. • 检查您在AWS VPN 连接和Azure 虚拟网络网关中配置的公共IP 地址以及您从AWS 控制台下载的配置文件。

• It can also be the case that the IKEv1 preshared key might have expired or not entered correctly. IKEv1 预共享密钥也可能已过期或输入不正确。 Thus, kindly please also check into it.因此,请也检查一下。 Also, I would suggest you check other parameters like the encryption schemes used in the VPN gateway that have been configured in AWS as well as in Azure .另外,我建议您检查其他参数,例如已在 AWS 和 Azure 中配置的 VPN 网关中使用的加密方案 Might be there must be some glitch in configuring that in Azure side.在 Azure 端配置它时可能会有一些小故障。

• Please also check the connection from the VM that is created in Central US by executing the below command from the VM to check whether any port is blocked or not . • 请同时检查在美国中部创建的VM 的连接,方法是从VM 执行以下命令,检查是否有任何端口被阻塞 Just replace the port number in the below command: -只需替换以下命令中的端口号:-

 Test-NetConnection -Port 80 -InformationLevel "Detailed"

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 AWS Site-to-Site VPN 和 AWS VPC 对等互连之间的区别? - Difference between AWS Site-to-Site VPN and AWS VPC peering? 如何通过 GCP-AWS vpn 中的对等访问网络? - How to access a network though peering in GCP-AWS vpn? Terraform AWS Transit Gateway 和 VPN 静态路由 - Terraform AWS Transit Gateway and VPN Static Routes AWS VPC VPN IPsec 到客户网关 - AWS VPC VPN IPsec to customer gateway AWS Transit网关/ AWS VPN隧道永不中断 - AWS transit gateway/AWS VPN tunnel never goes up AWS VPC对等 - AWS VPC Peering 是否可以在Cloudformation中设置具有VPN连接的AWS Transit Gateway? - Is it possible to set up a AWS Transit Gateway with a VPN connection in Cloudformation? 使用 VPC 对等互连连接 VPN 客户端 - Connecting VPN clients with VPC peering in between 无法在 strongswan 和 AWS VPN 网关之间设置站点到站点 vpn 连接 - Unable to Setup an site-to-site vpn connection between strongswan and AWS VPN Gateway 对等 AWS VPC 私有到 NAT - Peering AWS VPC private to NAT
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM