
AWS VPN gateway with Azure VNet peering

I have an AWS VPN gateway connected to an Azure VNet in EastUS and it's working OK. I want to create another VM in CentralUS, so I created another VNet in CentralUS and created VNet peering between this and the EastUS one. The VNet peering is also working, but I can't access it from my VPC in AWS. I added another static route to the private CIDR of CentralUS, but I can't reach it. Any ideas please? Not sure what else to do to make it work...

• I would suggest you check the NSG of the VM that is deployed in Central US for allowed ports and services, as you might be accessing the VM in Central US from East US over VPN using RDP or SSH, which use port 3389 over TCP and port 22 over TCP respectively. Thus, kindly check whether these ports are allowed in the AWS VPC as well as in the Azure VM's NSG.

• Also, please check whether any corporate network Azure policy is in place for the Central US region regarding deploying Azure resources in that region, like VMs, and connecting to them. You will be able to see the corporate network Azure policy, like 'Zero Trust Network Security', if configured, that is blocking the access to that VM from East US in the network manager's section.

• Check the Public IP address that you have configured in the AWS VPN connection as well as in Azure virtual network gateway along with the configuration file that you have downloaded from the AWS console.

• It can also be the case that the IKEv1 preshared key might have expired or was not entered correctly. Thus, please also check it. Also, I would suggest you check other parameters, like the encryption schemes used in the VPN gateway that have been configured in AWS as well as in Azure. There might be some glitch in configuring that on the Azure side.

• Please also check the connection from the VM that is created in Central US by executing the command below from the VM to check whether any port is blocked or not. Just replace the port number in the command below:

 Test-NetConnection -Port 80 -InformationLevel "Detailed"
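
An added check that is not part of the original answer and goes beyond the items it lists: when the VPN gateway lives in one VNet and the target VM sits in a peered VNet, the peering on the gateway side must allow gateway transit and the peering on the other side must use remote gateways. The function name and peering names are hypothetical and the sample objects are constructed; the property names are those of the objects returned by Get-AzVirtualNetworkPeering.

```powershell
# Added example, not the answer author's code. Evaluates both sides of a VNet
# peering for traffic that has to pass through a VPN gateway in the hub VNet.
function Test-PeeringGatewayTransit {
    param(
        [Parameter(Mandatory)] $HubPeering,    # peering on the VNet that owns the VPN gateway (East US)
        [Parameter(Mandatory)] $SpokePeering   # peering on the VNet without a gateway (Central US)
    )
    $findings = @()

    # Both peering links must be fully established before anything else matters.
    foreach ($p in @($HubPeering, $SpokePeering)) {
        if ($p.PeeringState -ne 'Connected') {
            $findings += "$($p.Name): PeeringState is '$($p.PeeringState)', expected 'Connected'"
        }
    }
    # Hub side: offers its gateway to the peered VNet.
    if (-not $HubPeering.AllowGatewayTransit) {
        $findings += "$($HubPeering.Name): AllowGatewayTransit is off, the gateway is not offered to the peer"
    }
    # Spoke side: accepts the hub gateway and learns the remote (AWS) routes through it.
    if (-not $SpokePeering.UseRemoteGateways) {
        $findings += "$($SpokePeering.Name): UseRemoteGateways is off, the spoke has no route via the hub gateway"
    }
    # The hub must not itself point at a remote gateway.
    if ($HubPeering.UseRemoteGateways) {
        $findings += "$($HubPeering.Name): UseRemoteGateways is on for the VNet that owns the gateway"
    }
    return $findings
}

# Constructed sample objects shaped like Get-AzVirtualNetworkPeering output.
# With a signed-in Az session the real objects would come from, for example:
#   Get-AzVirtualNetworkPeering -VirtualNetworkName <vnet-name> -ResourceGroupName <resource-group>
$hub = [pscustomobject]@{
    Name = 'eastus-to-centralus'; PeeringState = 'Connected'
    AllowGatewayTransit = $false; UseRemoteGateways = $false
}
$spoke = [pscustomobject]@{
    Name = 'centralus-to-eastus'; PeeringState = 'Connected'
    AllowGatewayTransit = $false; UseRemoteGateways = $false
}

$result = Test-PeeringGatewayTransit -HubPeering $hub -SpokePeering $spoke
if ($result.Count -eq 0) { 'Peering settings allow gateway transit.' } else { $result }
```

With the constructed defaults above the function reports two findings, one for each side of the peering.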
