0

I have a dynamic BGP VPN between a VPC and an on-premise site (on-premise uses a VyOS router/VPN concentrator). Servers in the VPC and on-premise subnets can communicate directly through the VPN. The on-premise site has access to some remote destinations via IPSec VPNs, and I need the VPC servers to be able to reach those remote destinations.

How can I make these remote destinations directly available to the servers in the VPC? I've tried creating custom routes in the VPC that use the AWS virtual private gateway, but I see no requests to these custom destinations arriving on the VTI interface on the on-premise router. Other traffic (VPC to on-premise subnets) arrives just fine. Please, what am I doing wrong?

Unpossible

1 Answer

-1

Does not seem to be possible yet (I know it was possible when, instead of using a BGP tunnel, I set up a VyOS instance in AWS and set up IPSec between THAT and the on-premise network, but that proved to be too expensive), but in the meantime I've set up a proxy VM on the on-premise subnet and direct remote requests from the AWS VPCs to use the proxy instead.

Unpossible