Netgate Discussion Forum

    Provide Site to Site VPN to all AWS VPCs

    BEB Consulting

      We have 2 VPNs up:

      We can ping EC2 Instances in vpc-ed23498a (172.31.0.0/16) from local pfSense network 192.168.200.0/24. <- This is GOOD

      We cannot ping EC2 Instance in vpc-999a2fe0 (10.0.0.0/18) from local pfSense network 192.168.200.0/24. <- This is NOT GOOD.

      Both IPsec tunnels on both VPNs show up at both the AWS and pfSense side.

      Both BGP sessions show 14 routes on both VPNs at both the AWS and pfSense side.

      We have verified ALL security groups allow all traffic in and out from 192.168.200.0/24 on AWS side.
      We have verified ALL network ACLs allow traffic in and out from 192.168.200.0/24 on AWS side.

      We have verified pfSense firewall rules allow traffic in and out from vpc-ed23498a (172.31.0.0/16) on the pfSense side.
      We have verified pfSense firewall rules allow traffic in and out from vpc-999a2fe0 (10.0.0.0/18) on the pfSense side.

      From what I see, there is nothing stopping the 192.168.200.0/24 network from communicating with both 10.0.0.0/18 and 172.31.0.0/16 networks.

      Anyone have suggestions on how to get our single pfSense appliance to reach BOTH of our AWS VPCs?
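One check the post's list does not include is whether each VPC route table actually carries a return route for 192.168.200.0/24 to the virtual private gateway: routes the VGW learns over BGP only appear in a route table that has propagation enabled for that VGW, so a tunnel and BGP session can be fully up while the VPC has no path back. The following is an added example, not code from the post; the route-table data is constructed in the shape of an EC2 DescribeRouteTables response, with the VPC ids and CIDRs from the post and placeholder rtb-/vgw- ids.

```python
import ipaddress

# Constructed sample (not from the post), shaped like an EC2 DescribeRouteTables
# response. VPC ids/CIDRs are from the post; rtb-/vgw- ids are placeholders.
ON_PREM_CIDR = "192.168.200.0/24"

ROUTE_TABLES = [
    {   # vpc-ed23498a: reachable in the post; VGW propagation is enabled
        "RouteTableId": "rtb-PLACEHOLDER1", "VpcId": "vpc-ed23498a",
        "PropagatingVgws": [{"GatewayId": "vgw-PLACEHOLDER1"}],
        "Routes": [
            {"DestinationCidrBlock": "172.31.0.0/16", "GatewayId": "local", "State": "active"},
            {"DestinationCidrBlock": "192.168.200.0/24", "GatewayId": "vgw-PLACEHOLDER1", "State": "active"},
        ],
    },
    {   # vpc-999a2fe0: tunnel and BGP are up, but nothing is propagated into the table
        "RouteTableId": "rtb-PLACEHOLDER2", "VpcId": "vpc-999a2fe0",
        "PropagatingVgws": [],
        "Routes": [
            {"DestinationCidrBlock": "10.0.0.0/18", "GatewayId": "local", "State": "active"},
        ],
    },
]

def return_route(table, on_prem_cidr):
    """Longest-prefix active IPv4 route in `table` covering on_prem_cidr, or None."""
    target = ipaddress.ip_network(on_prem_cidr)
    best = None
    for route in table["Routes"]:
        cidr = route.get("DestinationCidrBlock")  # IPv4 only; blackholed routes skipped
        if not cidr or route.get("State") != "active":
            continue
        net = ipaddress.ip_network(cidr)
        if target.subnet_of(net) and (best is None or net.prefixlen > best[0]):
            best = (net.prefixlen, route)
    return best[1] if best else None

def check_return_path(route_tables, on_prem_cidr):
    """One verdict per VPC: does its route table hand on-prem traffic to a VGW?"""
    verdicts = {}
    for table in route_tables:
        route = return_route(table, on_prem_cidr)
        if route is None:
            hint = "" if table["PropagatingVgws"] else " (VGW route propagation is off)"
            verdicts[table["VpcId"]] = "no return route" + hint
        elif str(route.get("GatewayId", "")).startswith("vgw-"):
            verdicts[table["VpcId"]] = "ok via " + route["GatewayId"]
        else:
            verdicts[table["VpcId"]] = "return route points at " + str(route.get("GatewayId", "other target"))
    return verdicts
```

Against live data, pass the `RouteTables` list from `aws ec2 describe-route-tables` for both VPCs; every route table associated with the subnets holding the EC2 instances needs an "ok via vgw-" verdict, not just the main table.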
