Forum Discussion

SIL-ChristianDias
Copper Contributor
Aug 16, 2022

Point-to-Site VPN clients to reach AWS EC2 instance through VPN public IP

Hello,

I'm currently moving our on-premises DCs and infrastructure to Azure.

We have an EC2 instance on AWS hosting a Subversion server, with ports restricted in a security group to our on-premises Meraki firewall public IP. Users connected to our Meraki Client VPN can access the Subversion server.

I opened the ports to our Azure VPN gateway public IP.

This wasn't working.

I checked the public IPs on a few clients connected to the VPN and they all had their home gateway public IPs.

After looking through a few threads, it seems that the Point-to-Site VPN tunnel traffic only points to Azure resources.

Is there any way to have a similar, if not the same, setup with the Azure Point-to-Site VPN as I have with our on-premises Meraki firewall? Is it possible to route traffic from a specific port while connected to the Azure VPN so that it goes through the VPN gateway or internet gateway in my Azure VNet?

Any help or pointers would be appreciated.

  • KurtBMayer
    Steel Contributor

    SIL-ChristianDias

    Azure VPN can't route for specific ports. One way I can think of to do this is, on the P2S VPN page, to also populate the Additional Subnets field and provide a W.X.Y.Z/32 for the specific IP of the Meraki.

    You'd likely need an S2S VPN setup in Azure between it and AWS. You'd also need to enable Gateway Transit.

    Another way could be to Configure forced tunneling for Virtual WAN Point-to-site VPN.

    Please like or mark this thread as answered if it helped you, thanks!
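The reply above suggests advertising a single W.X.Y.Z/32 route (the Meraki public IP) to the P2S clients rather than sending all client traffic through Azure. The shell script below is an added example, not code from the thread or from Microsoft: it validates that the route you are about to advertise is exactly one host (/32) and builds the corresponding Azure CLI command as a dry run. It assumes that `--custom-routes` on `az network vnet-gateway update` is the CLI equivalent of the portal's Additional routes field (an assumption to verify against current docs), and the resource group, gateway name and IP are constructed sample values.

```shell
#!/bin/sh
# Added example (not from the thread): dry-run helper for advertising one
# host route to Azure P2S VPN clients. Assumes (unverified here) that
# `az network vnet-gateway update --custom-routes` is the CLI form of the
# portal's "Additional routes" field. Nothing is applied unless APPLY=1.

# Return 0 only for a dotted-quad /32 (a single host), 1 otherwise.
# Refusing wider prefixes keeps you from accidentally steering more of the
# client's traffic into the tunnel than the one server you intended.
is_host_route() {
    cidr="$1"
    case "$cidr" in
        */32) ;;
        *) return 1 ;;
    esac
    ip="${cidr%/32}"
    # Reject non-digit characters, leading/trailing dots and empty octets.
    case "$ip" in
        *[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    oldifs=$IFS; IFS=.
    set -- $ip            # split into octets (function-local positional params)
    IFS=$oldifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Print the az command for review instead of running it.
build_custom_route_cmd() {
    rg="$1"; gw="$2"; cidr="$3"
    is_host_route "$cidr" || { echo "refusing non-/32 route: $cidr" >&2; return 1; }
    printf 'az network vnet-gateway update --resource-group %s --name %s --custom-routes %s\n' \
        "$rg" "$gw" "$cidr"
}

main() {
    # Constructed sample values: replace with your resource group, gateway
    # and the Meraki's public IP (203.0.113.10 is documentation space).
    cmd=$(build_custom_route_cmd "rg-hub" "vgw-hub" "203.0.113.10/32") || exit 1
    echo "$cmd"
    # Only execute against Azure when explicitly asked and `az login` is done.
    if [ "${APPLY:-0}" = "1" ]; then
        sh -c "$cmd"
    fi
}

main "$@"
```

Advertising the /32 only tells clients to send traffic for that one address into the tunnel; something on the Azure side still has to carry it onward, which is why the reply pairs this with an S2S VPN to AWS and Gateway Transit. Forced tunneling (0.0.0.0/0) is the broader alternative the reply mentions, and this helper deliberately refuses it so the two choices stay distinct.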
