How to access EC2 instance in a private network from my laptop through pfSense?

  • Hello!

    I have a private network at AWS in which I have an EC2 instance. I would like to access that instance on that private network from my laptop.

    This is what I am trying to setup:

    MyLaptop --------L2TP/IPSec--------> pfSense --------IPSec--------> AWS-VPC

    …so I will be able to SSH directly into my EC2 instance from my laptop without SSHing into pfSense first and then from there SSHing into the EC2 instance.

    The network my VPC has that the EC2 instance resides in is
    The network the pfSense installation resides in is
    The network my laptop resides in is
    The remote address range that L2TP is configured to use for its clients is

    I have a working L2TP/IPSec tunnel from my laptop to pfSense. And from pfSense to AWS I have a working IPSec tunnel. I can access the EC2 instance from pfSense! And I can access pfSense from my laptop. But I cannot access the EC2 instance from my laptop.

    To access my EC2 instance in the private AWS network from my laptop, I guess I have to create a route in the routing table on pfSense from my network (L2TP) to the gateway (the network pfSense is in and the interface the connection to AWS is on) so the routing table becomes something like this:

    netstat -nr
    Routing tables
    Destination        Gateway            Flags     Netif Expire
    default                               UGS         em0
                       link#9             UH          l2tp1
                                          UGS         em0

    But I still cannot access my EC2 instance (that has IP ) from my laptop. The pfSense firewall accepts all traffic from any source to any destination for both IPSec and L2TP.

    So, what am I missing?
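An added example, not part of the original post, that models the packet path the post describes. The point it shows: an IPsec tunnel in tunnel mode on pfSense is policy-based, so a packet is only encrypted if it matches a Phase 2 traffic selector, and a static route like the one added above does not change that. Every address below is an assumed RFC 1918 value standing in for the ranges the post does not show; the NAT rule and the second Phase 2 entry are hypothetical configurations used to show what does match, not settings taken from the post.

```python
"""Model of how pfSense forwards a packet from an L2TP client toward an EC2
host over a policy-based IPsec tunnel.

Added example, not code from the original post. Every address is an assumed
RFC 1918 value constructed for the example.
"""
from dataclasses import dataclass
from ipaddress import IPv4Address, IPv4Network, ip_address, ip_network
from typing import Optional

# Assumed addressing (constructed for the example; not from the post).
LAN_NET = ip_network("192.168.1.0/24")    # network pfSense sits in
LAN_ADDR = ip_address("192.168.1.1")      # pfSense's own LAN address
L2TP_POOL = ip_network("192.168.2.0/24")  # address range handed to L2TP clients
VPC_NET = ip_network("10.0.0.0/16")       # AWS VPC
EC2_HOST = ip_address("10.0.1.10")        # the EC2 instance
L2TP_CLIENT = ip_address("192.168.2.20")  # the laptop's L2TP address


@dataclass(frozen=True)
class Phase2:
    """One IPsec Phase 2 entry: traffic from `local` to `remote` is encrypted."""
    local: IPv4Network
    remote: IPv4Network

    def covers(self, src: IPv4Address, dst: IPv4Address) -> bool:
        return src in self.local and dst in self.remote


def translate_source(src: IPv4Address, nat: Optional[dict]) -> IPv4Address:
    """Apply a hypothetical outbound NAT rule bound to the IPsec interface:
    sources inside nat['source'] are rewritten to nat['translation'].
    pfSense evaluates outbound NAT before the IPsec policy lookup."""
    if nat is not None and src in nat["source"]:
        return nat["translation"]
    return src


def forward(src: IPv4Address, dst: IPv4Address, phase2: list,
            nat: Optional[dict] = None) -> tuple:
    """Return ('ipsec', src_after_nat) if the packet enters the tunnel, else
    ('default-route', src).

    The routing table never decides encryption for a policy-based tunnel;
    only a matching Phase 2 selector does.  A packet to a private address
    that matches nothing simply follows the default route out of the WAN.
    """
    src = translate_source(src, nat)
    for p2 in phase2:
        if p2.covers(src, dst):
            return ("ipsec", src)
    return ("default-route", src)


def scenario_as_posted() -> tuple:
    """Phase 2 covers only the LAN behind pfSense.  pfSense itself (sourcing
    from its LAN address) reaches EC2; the L2TP client does not."""
    p2 = [Phase2(LAN_NET, VPC_NET)]
    return forward(LAN_ADDR, EC2_HOST, p2), forward(L2TP_CLIENT, EC2_HOST, p2)


def scenario_extra_phase2() -> tuple:
    """Fix A (hypothetical): add a Phase 2 entry for the L2TP pool.  The AWS
    side must then also know the pool (VPN config, route table, security
    group), or replies never come back."""
    p2 = [Phase2(LAN_NET, VPC_NET), Phase2(L2TP_POOL, VPC_NET)]
    return forward(L2TP_CLIENT, EC2_HOST, p2)


def scenario_nat_to_lan_address() -> tuple:
    """Fix B (hypothetical): NAT the L2TP pool to pfSense's LAN address on the
    IPsec interface, so clients appear inside the existing selector and AWS
    needs no changes."""
    p2 = [Phase2(LAN_NET, VPC_NET)]
    nat = {"source": L2TP_POOL, "translation": LAN_ADDR}
    return forward(L2TP_CLIENT, EC2_HOST, p2, nat)


if __name__ == "__main__":
    print("as posted     :", scenario_as_posted())
    print("extra phase 2 :", scenario_extra_phase2())
    print("NAT to LAN IP :", scenario_nat_to_lan_address())
```

The model is deliberately simple: it ignores firewall rules (the post says they pass everything) and the Phase 1 state, and it treats the AWS side as accepting whatever the selector sends. Of the two hypothetical fixes, the NAT variant keeps the AWS configuration untouched at the cost of hiding which laptop made a connection in EC2 logs; the extra Phase 2 entry keeps per-client source addresses but has to be mirrored on the AWS end.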

