Are you using BGP to Peer

ikekim001 · ‎11-15-2014

Using Cisco RV082 router I established a site-to-site connection to Amazon Web services VPN service.

I'm using a static IP address assigned to WAN1 interface on the RV082 router.

I confirmed with AWS that all is correctly configured on their side so I'm able to ping and RDP to all hosts on AWS side.

But from remote group(AWS side) I can ping our router to the static IP address and the assigned local IP of the router, but not able to ping or RDP to any of my local hosts in the LAN.

So this proves that AWS can send traffic only up to my router and doesn't pass anything on to my LAN.

How do I make this work?

I tried the access rule allowing all traffic on WAN and LAN interface.

I tried port 3389 forwarding to one of my local IP address.

I even tried disabling the firewall and none of these steps worked!

I'm thinking I must be doing something obviously wrong, but I'm out of ideas.

By the way, I can connect as a PPTP user to the WAN1 static IP address and there is no problem getting any local hosts - ping/rdp.

many thanks in advance!

ik

Reza Sharifi · ‎11-16-2014

Are you using BGP to Peer with AWS or static route?

if it is BGP are you advertising all your local routes to AWS?

If you have your own VPC at AWS you can check AWS console to make sure you can see all your local routes on the VPC.

Also, when you peer with AWS, they provide the config for your router.

HTH

ikekim001 · ‎11-16-2014

I'm using the static route config from AWS.

The connection is good.

AWS side of traffic can reach the my router LAN assigned IP address, but the traffic does not go pass that point. Hence, from AWS machine cannot reach any of my hosts locally on my side.

thanks.

Reza Sharifi · ‎11-16-2014

That is probably because you have not advertise your local routes to AWS. Assuming you have your own VPC, do you see your local routes on AWS console.

ikekim001 · ‎11-18-2014

Thanks for your responses everyone.

I got to the bottom of it.

AWS has auto-responder which requires that my local area network has to initiate the communication first in order to recognize my lan.

I think there was some type of glitch that this part was not working, but it works now.

thanks.

bestibnu1 · ‎02-04-2016

Hi ikekim001

It seems a year long but i badly need in need of the configs for my own office Could you please share the configs of Rv082 with AWS because i do have a RV042 router which is similar as 082 also am not a expert in router config but i could do if you share the configs me to follow up

thanks

ckimberly85 · ‎03-21-2016

Could you provide a link for the auto-responder information for AWS? I think I may be running into the same issue. I have the tunnel built with a 5512. I cannot ping devices on my LAN from AWS unless I initiate traffic from my LAN first. Thanks!

site-to-site VPN tunnel connected to AWS using RV082 but unable to ping any local hosts.