Openvpn – Cannot connect to EC2 instance in private subnet with openvpn

Tags: amazon-ec2, amazon-vpc, amazon-web-services, openvpn

I'm new to AWS and the forum.

I've created a new VPC with a private and public subnet. The public subnet has a route table with 2 entries, one to local 10.0.0.0/16 and one to an internet gateway. The private subnet's route table only has one entry of local 10.0.0.0/16.

I've also launched an OpenVPN access server instance (from the community AMI on t2.micro) on the VPC's public subnet, and associated it w/ an Elastic IP so I can ssh into it. And I have one EC2 instance that I launched on the VPC's private subnet.

I want to be able to only access the EC2 instance on any network/computer when I am using OpenVPN. However, after I connect to the VPN access server, I'm getting an operation timeout when I'm trying to ssh into the instance. I'm thinking this might have something to do with the security group to allow only the VPN to access the EC2 instance, but the security group right now for the private EC2 instance is set to the default. Is this the issue?

ssh -i key-pair.pem user@private-ip

Also, the main purpose of the EC2 instance in the private subnet is to show a website having to access the internet. Is there another component I have to set up in order for that to work?

Best Answer

I expect you haven't disabled the source/destination check on the VPN instance. If this isn't done AWS networking will stop it being used as a "gateway" (for the lack of a better term).

Have you used a guide to help with this? I found one here that could be useful. The AWS website will have documentation or a tutorial, you just have to find the right search keywords to locate it.
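As an added example (not from the original post or answer), the three things this thread touches on, the VPN instance's source/destination check, the private instance's security group, and the private subnet's missing default route, can be checked together over the JSON shapes the AWS CLI returns. The security-group IDs, the 172.27.224.0/20 client range and the NAT-gateway route are assumptions, and the sample data is constructed to match the asker's setup.

```python
# Diagnose why ssh to a private-subnet instance over OpenVPN times out. Inputs
# mimic `aws ec2 describe-instance-attribute`, `describe-security-groups` and
# `describe-route-tables` JSON; the sample data at the bottom is constructed
# and every ID/CIDR in it is hypothetical.
def check_vpn_gateway(vpn_attr):
    """Source/dest check must be OFF on the VPN instance, otherwise the VPC
    drops client packets it forwards (it is neither their source nor dest)."""
    if vpn_attr["SourceDestCheck"]["Value"]:
        return ("source/dest check still enabled on VPN instance; fix with: "
                "aws ec2 modify-instance-attribute --instance-id <id> "
                "--no-source-dest-check")
    return None

def check_ssh_ingress(sg, vpn_sg_id, vpn_client_cidr):
    """Private instance SG must allow tcp/22 from the VPN server's SG (or from
    the VPN client pool if the server forwards client addresses un-NATed)."""
    for perm in sg["IpPermissions"]:
        proto = perm.get("IpProtocol")
        if proto not in ("tcp", "-1"):
            continue
        if proto == "tcp" and not perm["FromPort"] <= 22 <= perm["ToPort"]:
            continue
        if any(g["GroupId"] == vpn_sg_id for g in perm.get("UserIdGroupPairs", [])):
            return None
        if any(r["CidrIp"] == vpn_client_cidr for r in perm.get("IpRanges", [])):
            return None
    return "private instance SG has no tcp/22 rule from the VPN SG or client CIDR"

def check_private_egress(route_table):
    """A private subnet reaches the internet only through a 0.0.0.0/0 route to
    a NAT gateway/instance; a 'local' route alone gives no egress."""
    for route in route_table["Routes"]:
        if route.get("DestinationCidrBlock") == "0.0.0.0/0" and route.get("State") == "active":
            return None
    return "private route table has no default route; add one via a NAT gateway"

def diagnose(vpn_attr, private_sg, private_rt, vpn_sg_id, vpn_client_cidr):
    findings = [check_vpn_gateway(vpn_attr),
                check_ssh_ingress(private_sg, vpn_sg_id, vpn_client_cidr),
                check_private_egress(private_rt)]
    return [f for f in findings if f]  # empty list means all checks pass

# Constructed sample mirroring the question: check still on, default SG (allows
# everything but only from itself), private route table with 'local' only.
VPN_SG = "sg-0aaaaaaaaaaaaaaaa"  # hypothetical
VPN_ATTR = {"SourceDestCheck": {"Value": True}}
PRIVATE_SG = {"GroupId": "sg-0bbbbbbbbbbbbbbbb", "IpPermissions": [
    {"IpProtocol": "-1", "UserIdGroupPairs": [{"GroupId": "sg-0bbbbbbbbbbbbbbbb"}]}]}
PRIVATE_RT = {"Routes": [{"DestinationCidrBlock": "10.0.0.0/16",
                          "GatewayId": "local", "State": "active"}]}
```

Running `diagnose(VPN_ATTR, PRIVATE_SG, PRIVATE_RT, VPN_SG, "172.27.224.0/20")` on the sample reports all three findings; once the check is disabled, a tcp/22 rule from the VPN SG is added and a NAT-gateway default route exists, it returns an empty list.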