Provide Site to Site VPN to all AWS VPCs
-
We have 2 VPNs up:
We can ping EC2 Instances in vpc-ed23498a (172.31.0.0/16) from local pfSense network 192.168.200.0/24. <- This is GOOD
We cannot ping EC2 Instance in vpc-999a2fe0 (10.0.0.0/18) from local pfSense network 192.168.200.0/24. <- This is NOT GOOD.
Both IPSEC tunnels on both VPNs show up at both the AWS and pfSense side.
Both BGP show 14 routes on both VPNs at both the AWS and pfSense side.
We have verified ALL security groups allow all traffic in and out from 192.168.200.0/24 on AWS side.
We have verified ALL network ACLs allow traffic in and out from 192.168.200.0/24 on AWS side.
We have verified pfSense firewall rules allow traffic in and out from vpc-ed23498a (172.31.0.0/16) on the pfSense side.
We have verified pfSense firewall rules allow traffic in and out from vpc-999a2fe0 (10.0.0.0/18) on the pfSense side.
From what I see, there is nothing stopping the 192.168.200.0/24 network from communicating with both 10.0.0.0/18 and 172.31.0.0/16 networks.
Anyone have suggestions on how to get our single pfSense appliance to reach BOTH of our AWS VPCs?
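One check missing from the list above is the VPC side's return path: each subnet's route table in vpc-999a2fe0 must carry a route for 192.168.200.0/24 pointing at the virtual private gateway (static, or propagated from BGP), or replies never leave the VPC. The script below is an added example, not from the poster, that audits the JSON shape returned by `aws ec2 describe-route-tables` for exactly that; the route table, subnet and gateway IDs in the embedded sample are constructed placeholders.

```python
import ipaddress
import json

ONPREM_CIDR = ipaddress.ip_network("192.168.200.0/24")

# Constructed sample shaped like the output of
#   aws ec2 describe-route-tables --filters Name=vpc-id,Values=vpc-999a2fe0
# Only the fields this check reads are included; all rtb-/subnet-/vgw- ids are placeholders.
SAMPLE_ROUTE_TABLES = json.loads("""
{"RouteTables": [
  {"RouteTableId": "rtb-EXAMPLE1", "VpcId": "vpc-999a2fe0", "PropagatingVgws": [],
   "Routes": [{"DestinationCidrBlock": "10.0.0.0/18", "GatewayId": "local", "State": "active"},
              {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-EXAMPLE", "State": "active"}],
   "Associations": [{"SubnetId": "subnet-EXAMPLE-A", "Main": false}]},
  {"RouteTableId": "rtb-EXAMPLE2", "VpcId": "vpc-999a2fe0",
   "PropagatingVgws": [{"GatewayId": "vgw-EXAMPLE"}],
   "Routes": [{"DestinationCidrBlock": "10.0.0.0/18", "GatewayId": "local", "State": "active"},
              {"DestinationCidrBlock": "192.168.200.0/24", "GatewayId": "vgw-EXAMPLE",
               "Origin": "EnableVgwRoutePropagation", "State": "active"}],
   "Associations": [{"SubnetId": "subnet-EXAMPLE-B", "Main": false}]}
]}
""")


def return_route(table, onprem):
    """Return the longest-prefix active route in `table` that covers `onprem`
    and points at a virtual private gateway (vgw-*), or None if there is none.
    A default route via an internet gateway does NOT count: it cannot reach on-prem."""
    best = None
    for r in table.get("Routes", []):
        dst = r.get("DestinationCidrBlock")
        if not dst or r.get("State") != "active":
            continue
        net = ipaddress.ip_network(dst)
        if onprem.subnet_of(net) and r.get("GatewayId", "").startswith("vgw-"):
            if best is None or net.prefixlen > best[0].prefixlen:
                best = (net, r)
    return best[1] if best else None


def audit(desc, onprem=ONPREM_CIDR):
    """Map each associated subnet to True if its route table has a VGW return route."""
    verdicts = {}
    for table in desc["RouteTables"]:
        ok = return_route(table, onprem) is not None
        for assoc in table.get("Associations", []):
            key = assoc.get("SubnetId") or f"main:{table['RouteTableId']}"
            verdicts[key] = ok
    return verdicts


if __name__ == "__main__":
    for subnet, ok in audit(SAMPLE_ROUTE_TABLES).items():
        print(f"{subnet}: {'return route OK' if ok else 'NO route back to on-prem'}")
```

A subnet reported without a return route will pass every security group and NACL check yet still drop replies, which matches the one-VPC-works, one-VPC-fails symptom described above.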