October 2, 2018

AWS VPC IPsec Connection Configuration

Client Side Network (Windows Firewall connection security rule):
Remote computers:
Endpoint 1: these IP addresses: 192.168.20.0/24 (client network)
Endpoint 2: these IP addresses: 192.168.10.0/24 (AWS network)
Requirements: require inbound and clear outbound
Authentication method: Advanced; first authentication: preshared key
Advanced:
Profile: domain, private, public
Interface type: all interface types
IPsec tunneling: use IPsec tunneling
Endpoint 1: 192.168.20.11 (host IP)
Endpoint 2: AWS-provided remote tunnel endpoint

AWS Side Network:
Customer Gateway Address: client public IP
Category VPN
Routing Static
Static Routes: 192.168.20.0/24


! Script for Tunnel 1:
netsh advfirewall consec add rule Name="Tunnel 1" ^
Enable=Yes Profile=any Type=Static Mode=Tunnel ^
LocalTunnelEndpoint=192.168.20.11 ^
RemoteTunnelEndpoint=[AWS Provided] Endpoint1=192.168.20.0/24 ^
Endpoint2=192.168.10.0/24 Protocol=Any Action=RequireInClearOut ^
Auth1=ComputerPSK Auth1PSK=[AWS Provided] ^
QMSecMethods=ESP:SHA1-AES128+60min+100000kb ^
ExemptIPsecProtectedConnections=No ApplyAuthz=No QMPFS=dhgroup2

Make sure the Windows Firewall is on; it is the firewall service that initiates the IPsec VPN. Check the VPC routing table and make sure it points to the new virtual private gateway if you renew the VPN connection. If something should work but does not, check the IPsec tunnel connection and the security group.
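The netsh script above is easy to get subtly wrong: netsh accepts a rule whose tunnel endpoint lies outside Endpoint 1, or whose PSK is still the placeholder, and the rule then simply never matches. The following Python helper is an added example (not from the original post or from AWS) that builds the Tunnel 1 command from the page's values and checks the addressing first, and also checks that the AWS-side static route equals the Endpoint 1 network, which is the routing mistake the paragraph above warns about. The remote tunnel endpoint 203.0.113.10 and the PSK value are constructed placeholders; the quick-mode proposal and PFS group default to the page's values but are parameters so a stronger suite can be substituted.

```python
import ipaddress

# Strings that mean "the real value was never filled in" (constructed list).
PLACEHOLDER_MARKERS = ("aws provided", "changeme", "replace")


def validate_tunnel(local_net, remote_net, local_tunnel_ep, remote_tunnel_ep, psk):
    """Return a list of problems with the tunnel parameters (empty list = OK).

    Checks mirror what the netsh rule needs to match traffic at all:
    Endpoint1/Endpoint2 are disjoint networks, the local tunnel endpoint is a host
    inside Endpoint1, the remote (AWS) tunnel endpoint is outside both protected
    networks, and the pre-shared key is a real secret rather than a placeholder.
    """
    problems = []
    try:
        ep1 = ipaddress.ip_network(local_net, strict=True)
        ep2 = ipaddress.ip_network(remote_net, strict=True)
        lte = ipaddress.ip_address(local_tunnel_ep)
        rte = ipaddress.ip_address(remote_tunnel_ep)
    except ValueError as exc:
        return [f"bad address or network: {exc}"]

    if ep1.overlaps(ep2):
        problems.append(f"endpoint networks overlap: {ep1} and {ep2}")
    if lte not in ep1:
        problems.append(f"local tunnel endpoint {lte} is not inside Endpoint1 {ep1}")
    if rte in ep1 or rte in ep2:
        problems.append(f"remote tunnel endpoint {rte} must lie outside both endpoint networks")
    if len(psk) < 8 or any(m in psk.lower() for m in PLACEHOLDER_MARKERS):
        problems.append("pre-shared key is missing or still a placeholder")
    return problems


def build_consec_rule(name, local_net, remote_net, local_tunnel_ep, remote_tunnel_ep, psk,
                      qm_sec_methods="ESP:SHA1-AES128+60min+100000kb", qm_pfs="dhgroup2"):
    """Return the 'netsh advfirewall consec add rule' command line for one tunnel.

    Raises ValueError if validate_tunnel() reports anything, so a broken rule is
    never emitted. Parameters are joined with cmd.exe's '^' line continuation,
    matching the style of the original script.
    """
    problems = validate_tunnel(local_net, remote_net, local_tunnel_ep, remote_tunnel_ep, psk)
    if problems:
        raise ValueError("; ".join(problems))

    parts = [
        "netsh advfirewall consec add rule",
        f'Name="{name}"',
        "Enable=Yes Profile=any Type=Static Mode=Tunnel",
        f"LocalTunnelEndpoint={local_tunnel_ep}",
        f"RemoteTunnelEndpoint={remote_tunnel_ep}",
        f"Endpoint1={local_net} Endpoint2={remote_net}",
        "Protocol=Any Action=RequireInClearOut",
        f"Auth1=ComputerPSK Auth1PSK={psk}",
        f"QMSecMethods={qm_sec_methods}",
        f"ExemptIPsecProtectedConnections=No ApplyAuthz=No QMPFS={qm_pfs}",
    ]
    return " ^\n".join(parts)


def aws_static_route_matches(static_routes, local_net):
    """True if one of the AWS VPN static routes is exactly the Endpoint1 network.

    If the static route on the AWS side does not equal the client network, return
    traffic from the VPC never enters the tunnel even though the Windows rule is fine.
    """
    ep1 = ipaddress.ip_network(local_net, strict=True)
    return any(ipaddress.ip_network(r, strict=True) == ep1 for r in static_routes)


if __name__ == "__main__":
    # Values from the page; remote endpoint and PSK are constructed placeholders.
    print(build_consec_rule(
        name="Tunnel 1",
        local_net="192.168.20.0/24",
        remote_net="192.168.10.0/24",
        local_tunnel_ep="192.168.20.11",
        remote_tunnel_ep="203.0.113.10",
        psk="constructed-example-psk-0123",
    ))
    print("AWS static route OK:", aws_static_route_matches(["192.168.20.0/24"], "192.168.20.0/24"))
```

Run it once with the real values from the AWS VPN configuration download; if it raises, fix the parameters before pasting the command into an elevated cmd prompt on the client host.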


Ref:
http://www.blog.labouardy.com/vpn-connection-aws-resources-raspberry-pi-3/
https://forums.aws.amazon.com/thread.jspa?threadID=116589
