Netgate Discussion Forum

AWS VPC Routing and Positioning.

Category: Routing and Multi WAN
2 Posts, 1 Poster, 403 Views

plutocrat, Dec 16, 2017, 7:45 AM

    Hi,
    Hoping this is in a sensible part of the forums … I'm planning to use pfsense as a means to control access to servers in an AWS VPC, and I'm trying to get my head around the general positioning of the device so that it does what I want.

    The setup is like this:

    • VPC 10.1.0.0/16
    • subnet A 10.1.10.0/24
    • subnet B 10.1.20.0/24
    • subnet C 10.1.30.0/24

    I have some developers that are only allowed to access machines in subnet A, some only in B, and some in both. Where do I position pfsense to allow me to write those rules, to allow different users access on a per-subnet or per-machine basis?

    I also have an app in another cloud (Azure) which needs to connect to an RDS database over a VPN tunnel. Any hints for that?

    I'm familiar with pfsense and have used it on many occasions in the past. But I'm fairly new to AWS VPCs, so that's where I need the pointers.

    plutocrat, Dec 20, 2017, 12:53 AM

      OK, so let's try some more specific questions:

      • Should the pfsense instance be in one of those subnets, with me just writing routing rules to give it access to the other subnets? Or do I create a fourth subnet (maybe public?) to give it access?
      • Presumably I need to set up an interface in pfsense for each subnet? How do I do that in AWS? I'm a bit lost with their strange way of doing things.
      • How do I limit access to certain subnets / machines on a user-by-user basis? Would I do that in pfsense or in AWS?

      What makes sense here? I'm guessing someone must have struggled with this environment before.

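The layout the two posts circle around (one pfSense instance, an interface in each subnet, routes that force traffic through it) can be written down concretely in AWS terms. The Terraform below is an added example for this thread, not the poster's configuration or anything from Netgate: it creates the VPC and three subnets from the first post, adds a fourth public subnet (10.1.0.0/24, an assumption) for the pfSense WAN side, attaches one ENI per subnet to a single instance, and points each private subnet's route table at the pfSense ENI in that subnet. The region, availability zone, AMI id, instance type and public CIDR are all placeholders.

```hcl
# Added example, not from the thread. Assumptions: region/AZ, the 10.1.0.0/24
# public subnet, the AMI id and the instance type are placeholders.
provider "aws" {
  region = "us-east-1" # assumption
}

locals {
  # One AZ for everything: all ENIs attached to one instance must share an AZ.
  az      = "us-east-1a" # assumption
  subnets = { a = "10.1.10.0/24", b = "10.1.20.0/24", c = "10.1.30.0/24" }
  # Ordered (source, destination) pairs of distinct subnets, for inter-subnet routes.
  pairs = {
    for p in setproduct(keys(local.subnets), keys(local.subnets)) :
    "${p[0]}-${p[1]}" => p if p[0] != p[1]
  }
}

resource "aws_vpc" "main" {
  cidr_block = "10.1.0.0/16"
}

resource "aws_internet_gateway" "igw" {
  vpc_id = aws_vpc.main.id
}

# Fourth, public subnet holding only the pfSense WAN interface (CIDR assumed).
resource "aws_subnet" "public" {
  vpc_id            = aws_vpc.main.id
  cidr_block        = "10.1.0.0/24"
  availability_zone = local.az
}

resource "aws_subnet" "private" {
  for_each          = local.subnets
  vpc_id            = aws_vpc.main.id
  cidr_block        = each.value
  availability_zone = local.az
}

resource "aws_route_table" "public" {
  vpc_id = aws_vpc.main.id
  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.igw.id
  }
}

resource "aws_route_table_association" "public" {
  subnet_id      = aws_subnet.public.id
  route_table_id = aws_route_table.public.id
}

# One ENI per subnet. source_dest_check must be off on every ENI that forwards
# packets; otherwise AWS drops anything not addressed to the ENI's own IP.
resource "aws_network_interface" "wan" {
  subnet_id         = aws_subnet.public.id
  source_dest_check = false
}

resource "aws_network_interface" "lan" {
  for_each          = local.subnets
  subnet_id         = aws_subnet.private[each.key].id
  source_dest_check = false
}

resource "aws_eip" "wan" {
  domain            = "vpc"
  network_interface = aws_network_interface.wan.id
}

resource "aws_instance" "pfsense" {
  ami               = "ami-PLACEHOLDER" # assumption: pfSense Marketplace AMI for the region
  instance_type     = "t3.xlarge"       # assumption: a type whose ENI limit allows 4 interfaces
  source_dest_check = false

  network_interface {
    device_index         = 0
    network_interface_id = aws_network_interface.wan.id
  }

  dynamic "network_interface" {
    for_each = { a = 1, b = 2, c = 3 }
    content {
      device_index         = network_interface.value
      network_interface_id = aws_network_interface.lan[network_interface.key].id
    }
  }
}

# Private route tables are defined without inline routes so aws_route can manage them.
resource "aws_route_table" "private" {
  for_each = local.subnets
  vpc_id   = aws_vpc.main.id
}

# Internet-bound traffic from each private subnet goes to pfSense's ENI in that subnet.
resource "aws_route" "private_default" {
  for_each               = local.subnets
  route_table_id         = aws_route_table.private[each.key].id
  destination_cidr_block = "0.0.0.0/0"
  network_interface_id   = aws_network_interface.lan[each.key].id
}

# Subnet-to-subnet traffic needs these more-specific routes: the VPC's implicit
# "local" route would otherwise deliver it directly and bypass pfSense.
resource "aws_route" "inter_subnet" {
  for_each               = local.pairs
  route_table_id         = aws_route_table.private[each.value[0]].id
  destination_cidr_block = local.subnets[each.value[1]]
  network_interface_id   = aws_network_interface.lan[each.value[0]].id
}

resource "aws_route_table_association" "private" {
  for_each       = local.subnets
  subnet_id      = aws_subnet.private[each.key].id
  route_table_id = aws_route_table.private[each.key].id
}
```

Three things to check against this layout. The more-specific intra-VPC routes (a /24 pointed at an ENI, overriding the local route) are a relatively recent VPC feature; without them the route tables only catch internet-bound traffic and hosts in A and B reach each other directly. The security groups on the ENIs are evaluated before pfSense ever sees a packet, so they need to admit the traffic pfSense is meant to filter, with pfSense holding the detailed policy. And pfSense matches addresses, not AWS identities, so per-developer control in this design means terminating the developers' VPN on pfSense, pinning each user to a fixed tunnel address, and writing the per-subnet or per-host rules on that interface by source address.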
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.