
I am very new to vpn and aws. I set up an openvpn instance from AWS marketplace and launch as default. I generated my client.ovpn files and successfully connected to my aws openvpn server.

From my client pc I can ping the aws openvpn server successfully by both server's internal (172.31.12.203) and external address. But I have trouble pinging from aws server to client pc by pinging client pc's local ip (192.168.13.100).

I already set up a server-client bidirectional connection from the openvpn client UI by following these guides (one, two). I still can't ping my client pc.

I also tried to add route from server to route traffic from server to client as the link suggests:

sudo ip route add 192.168.13.0/24 via 172.31.12.203

The client network structure is very simple:

  • On client side, my client pc is behind a 4G router
  • On server side, my aws openvpn instance is hosted in default vpc

I also used this command on the vpn server to debug while I was pinging from my client pc:

sudo tcpdump -eni any icmp  

I got the following output:

listening on any, link-type LINUX_SLL (Linux cooked), capture size 262144 bytes  
10:40:02.300012  In ethertype IPv4 (0x0800), length 100: 172.27.232.2 >     172.31.12.203: ICMP echo request, id 26256, seq 1, length 64  
10:40:02.300044 Out ethertype IPv4 (0x0800), length 100: 172.31.12.203 > 172.27.232.2: ICMP echo reply, id 26256, seq 1, length 64  

My question would be how to ping from aws to my client pc?

Tim
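The capture above only shows the client-to-server direction, so it cannot tell where a server-to-client ping dies. As an added example that is not part of the question or answer, this script pairs each ICMP echo request in `tcpdump -eni any icmp` output with its reply, so any request that never gets one stands out. The sample mixes the two lines captured above with one constructed line for a server-to-client ping (id 30000) that is never answered.

```python
"""Pair ICMP echo requests with replies in `tcpdump -eni any icmp` output."""
import re
from collections import OrderedDict

# One tcpdump line on the `any` interface: timestamp, In/Out, src > dst, echo type, id, seq.
LINE = re.compile(
    r"^(?P<ts>\d{2}:\d{2}:\d{2}\.\d+)\s+(?P<dir>In|Out)\s+.*?\s"
    r"(?P<src>\d+\.\d+\.\d+\.\d+)\s*>\s*(?P<dst>\d+\.\d+\.\d+\.\d+):\s+"
    r"ICMP echo (?P<kind>request|reply), id (?P<id>\d+), seq (?P<seq>\d+)"
)

# Constructed sample: first two lines as captured in the question, third line made up
# to represent the server pinging the client's LAN address with no reply coming back.
SAMPLE = """\
listening on any, link-type LINUX_SLL (Linux cooked), capture size 262144 bytes
10:40:02.300012  In ethertype IPv4 (0x0800), length 100: 172.27.232.2 >     172.31.12.203: ICMP echo request, id 26256, seq 1, length 64
10:40:02.300044 Out ethertype IPv4 (0x0800), length 100: 172.31.12.203 > 172.27.232.2: ICMP echo reply, id 26256, seq 1, length 64
10:41:10.000000 Out ethertype IPv4 (0x0800), length 100: 172.31.12.203 > 192.168.13.100: ICMP echo request, id 30000, seq 1, length 64
"""


def parse(text):
    """Yield one dict per ICMP echo line; the tcpdump banner and other lines are skipped."""
    for line in text.splitlines():
        m = LINE.match(line.strip())
        if m:
            d = m.groupdict()
            d["id"], d["seq"] = int(d["id"]), int(d["seq"])
            yield d


def correlate(text):
    """Return {(id, seq, src, dst): replied} for every echo request seen.

    A request A -> B counts as answered by a reply B -> A carrying the same id and seq.
    """
    pending = OrderedDict()
    for p in parse(text):
        if p["kind"] == "request":
            pending[(p["id"], p["seq"], p["src"], p["dst"])] = False
        else:
            key = (p["id"], p["seq"], p["dst"], p["src"])  # reply reverses src/dst
            if key in pending:
                pending[key] = True
    return pending


def unanswered(text):
    """Requests that never received a reply, in capture order."""
    return [k for k, ok in correlate(text).items() if not ok]


if __name__ == "__main__":
    for ident, seq, src, dst in unanswered(SAMPLE):
        print(f"no reply: {src} -> {dst} (id {ident}, seq {seq})")
```

Run it against a longer capture taken on the server while pinging the client: an unanswered request leaving on `Out` shows the packet left the server, so the problem lies in the tunnel routing or on the client side rather than in the server's own routing table.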

1 Answer

Have you considered using a native AWS Client VPN to access your VPC? The native solution will be cleaner to use.

As for diagnosing your OpenVPN setup, check that source/dest. check is disabled for the network interface on your OpenVPN EC2 instance.

Nathan L.
  • Thank you Nathan, my purpose is to access the on-premise client network. I tried AWS Client VPN, it doesn't support access from vpc to client. – Ruoxiang Wen Jul 01 '19 at 23:33