OpenVPN AWS VPC Peering Help

OpenVpn Newbie
Posts: 1
Joined: Mon Jun 10, 2019 8:11 am

OpenVPN AWS VPC Peering Help

Post by skychen » Mon Jun 10, 2019 8:28 am

I set up OpenVPN Access Server on an AWS VPC in region-1 and I am able to access everything from the client, but I am not able to access anything in region-2 via VPC peering. Anyone have any idea?

region-1 VPC subnet <------------peer----------> region-2 VPC subnet
aws private subnet - aws private subnet -
aws openvpn subnet -

OpenVPN is configured to hand out dynamic IP subnet to clients and it is using routing instead of NAT. I am using instead of a subnet within because I couldn't get it to work with a subnet within The source and destination checks are disabled for the OpenVPN instance. Security groups and VPC route tables are all configured. I checked them multiple times. On the OpenVPN instance I can ping resources in region 2.

Wondering if subnet is the problem since it's not part of any AWS VPC subnet. It's sort of a pseudo subnet.

OpenVPN Inc.
Posts: 1068
Joined: Fri Apr 13, 2012 8:43 pm

Re: OpenVPN AWS VPC Peering Help

Post by novaflash » Mon Jun 10, 2019 10:14 am

If you use NAT, you can access other areas through VPC peering. If you use routing, you cannot. The reason is that Amazon VPC peering will not transport packets in subnets that it does not know. There is no way around this problem in Amazon AWS VPC peering.

You can use either NAT, or you can use OpenVPN itself to set up site-to-site and then do routing properly there.
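
As an added illustration (not part of either post, and not OpenVPN or AWS code), the rule stated in the reply above can be written as a pre-flight check over an addressing plan. All CIDRs and addresses are constructed samples, since the thread's own subnets are not shown, and `peering_verdict` is a hypothetical helper name.

```python
import ipaddress

# Constructed sample addressing plan (the thread's real subnets are not shown).
LOCAL_VPC = "10.1.0.0/16"        # region-1 VPC, holds the VPN server
PEER_VPC = "10.2.0.0/16"         # region-2 VPC, reached over peering
CLIENT_POOL = "172.27.224.0/20"  # VPN client pool, outside both VPCs
SERVER_IP = "10.1.0.10"          # VPN server's private address
DEST_IP = "10.2.5.20"            # a host in region-2


def peering_verdict(mode, client_pool=CLIENT_POOL, server_ip=SERVER_IP,
                    local_vpc=LOCAL_VPC, peer_vpc=PEER_VPC, dest_ip=DEST_IP):
    """Return (carried, source, reason) for VPN client traffic to dest_ip."""
    pool = ipaddress.ip_network(client_pool)
    local = ipaddress.ip_network(local_vpc)
    peer = ipaddress.ip_network(peer_vpc)
    server = ipaddress.ip_address(server_ip)
    dest = ipaddress.ip_address(dest_ip)

    if server not in local:
        raise ValueError("VPN server address must be inside the local VPC")
    if dest not in peer:
        return (False, None, "destination is not in the peer VPC CIDR")

    if mode == "nat":
        # NAT rewrites the client source to the server's own VPC address.
        source = server
    elif mode == "routing":
        if pool.overlaps(local):
            raise ValueError("pool inside the VPC is outside what this check models")
        # Routing preserves the client address; take the pool's first host as a sample.
        source = next(iter(pool.hosts()))
    else:
        raise ValueError("mode must be 'nat' or 'routing'")

    if source in local:
        return (True, str(source), "source is a local VPC address the peering knows")
    return (False, str(source), "source is in a subnet the peering does not know")


if __name__ == "__main__":
    for mode in ("nat", "routing"):
        print(mode, peering_verdict(mode))
```

The check only models the source-address rule from the reply; security groups, route tables and the site-to-site alternative are outside its scope.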
