Forum Discussion
Point-to-Site VPN clients to reach AWS EC2 instance through VPN public IP
Hello,
I'm currently moving our on-premises DCs and infrastructure to Azure.
We have an EC2 instance on AWS hosting a Subversion server, to which ports are restricted in a security group to our on-premises Meraki firewall public IP. Users, while connected to our Meraki Client VPN, can access the Subversion server.
I opened the ports to our Azure VPN gateway public IP.
This wasn't working.
I checked the public IPs on a few clients connected to the VPN and they all had their home gateway public IPs.
After looking through a few threads it seems that the Point-to-Site VPN tunnel traffic only points to Azure resources.
Is there any way to have a similar, if not the same, setup to what I have with our on-premises Meraki firewall with the Azure Point-to-Site VPN? Is it possible to route traffic from a specific port while connected to the Azure VPN so that it goes through the VPN gateway or internet gateway in my Azure VNet?
Any help or pointers would be appreciated.
- KurtBMayer (Steel Contributor)
Azure VPN can't route for specific ports. One way I can think of to do this is, on the P2S VPN page, to also populate the Additional Subnets and provide a W.X.Y.Z/32 for the certain IP of the Meraki.
You'd likely need a S2S VPN setup in Azure between it and AWS. You'd also need to enable Gateway Transit.
Another way could be to configure forced tunneling for Virtual WAN Point-to-Site VPN.
Please like or mark this thread as answered if it helped you, thanks!
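The symptom in the original post (clients showing their home gateway IP) and the reply's "Additional Subnets" suggestion both come down to which destination prefixes the gateway pushes into the Point-to-Site client's route table: a split-tunnel client only sends traffic matching those prefixes through the tunnel, and everything else leaves via the local default route. The following is an added example, not code from the thread or from Microsoft: it parses the `<includeroutes>` section of an Azure VPN Client profile (the layout of `azurevpnconfig.xml` is assumed here, and the sample profile and all addresses are constructed) and reports whether a given destination would go through the tunnel or straight out the local internet connection.

```python
"""Classify destinations for an Azure P2S split-tunnel client.

Added example, not from the original forum thread. The XML layout follows
the <includeroutes> section of the Azure VPN Client profile
(azurevpnconfig.xml); that layout is an assumption for this example. The
sample profile is constructed and uses private / documentation ranges only.
"""
import ipaddress
import xml.etree.ElementTree as ET

# Constructed sample profile: the VNet address space plus one /32 pushed via
# the gateway's "Additional routes to advertise" (custom routes) setting.
SAMPLE_PROFILE = """<?xml version="1.0"?>
<AzVpnProfile xmlns="http://schemas.datacontract.org/2004/07/">
  <clientconfig>
    <includeroutes>
      <route><destination>10.10.0.0</destination><mask>16</mask></route>
      <route><destination>203.0.113.25</destination><mask>32</mask></route>
    </includeroutes>
  </clientconfig>
</AzVpnProfile>
"""


def _local(tag):
    """Strip the XML namespace so tags can be matched by local name."""
    return tag.rsplit("}", 1)[-1]


def tunnel_prefixes(profile_xml):
    """Return the IPv4 networks the profile routes into the tunnel."""
    root = ET.fromstring(profile_xml)
    prefixes = []
    for elem in root.iter():
        if _local(elem.tag) != "route":
            continue
        dest = mask = None
        for child in elem:
            if _local(child.tag) == "destination":
                dest = (child.text or "").strip()
            elif _local(child.tag) == "mask":
                mask = (child.text or "").strip()
        if dest and mask:
            # strict=False tolerates a destination with host bits set.
            prefixes.append(ipaddress.ip_network(f"{dest}/{mask}", strict=False))
    return prefixes


def goes_through_tunnel(target_ip, prefixes):
    """True if target_ip falls inside any tunnel prefix.

    Anything not covered by a pushed prefix is sent out the client's own
    default route, i.e. the home ISP connection, so the remote side sees the
    home gateway's public IP rather than the Azure gateway's.
    """
    addr = ipaddress.ip_address(target_ip)
    return any(addr in net for net in prefixes)


def classify(target_ip, profile_xml):
    """Return 'tunnel' or 'local-internet' for a destination address."""
    prefixes = tunnel_prefixes(profile_xml)
    return "tunnel" if goes_through_tunnel(target_ip, prefixes) else "local-internet"


if __name__ == "__main__":
    # Constructed destinations: an Azure VM, the pushed /32, and an EC2 host
    # that is not covered by any pushed prefix.
    for dest in ("10.10.4.7", "203.0.113.25", "198.51.100.40"):
        print(f"{dest:>16} -> {classify(dest, SAMPLE_PROFILE)}")
```

Run it against a real exported profile by replacing `SAMPLE_PROFILE` with the file contents. If the EC2 instance's address comes back as `local-internet`, that is why the security group rule for the Azure gateway IP never matches. One caveat worth keeping in mind when adding a custom route: a pushed prefix only pulls that traffic into the VNet. An Azure VPN gateway does not itself forward or source-NAT client traffic out to the public internet, so to have the AWS side see a fixed Azure public IP you still need something in the path that does (a forced-tunnel setup through a firewall/NVA, or the site-to-site tunnel to AWS that the reply mentions).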