If you want to use this as an Internet access solution, to process all traffic with ClientVPN you just need to add a destination 0.0.0.0/0 route in the Endpoint Routes section on ClientVPN in the AWS Console.
Read the documentation here on how to do this: https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/cvpn-working-routes.html
Your suggestion looks similar to de-activating split-mode, but implemented by adding a general route for 0.0.0.0/0. Interesting.
However, in most cases, we want it to be as it is, split-mode with only private traffic going through the VPN. But maybe... access to the individual subnets is granted by group memberships, so by changing a User's group membership, I could make him switch between all or partial traffic through the VPN. Somewhat clumsy though.
Not sure how to proceed. The easiest way would probably be to just create a second endpoint that will tunnel all traffic, and for cost saving, have this up only when needed, which will be not often. But then I have to figure out how to quickly get an endpoint up and down, and so I had the idea to use a VPN inside a VPN. Which seemed smart to me, until I saw AWS Client VPN dropping the connection.
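
The 0.0.0.0/0 route from the answer, combined with the group-based authorization mentioned in the reply, as an added example that is not part of either post: a script that adds or removes the catch-all route and an authorization rule limited to one group. The endpoint, subnet and group IDs are constructed placeholders, and it assumes the endpoint uses Active Directory or federated authentication so that `--access-group-id` applies.

```shell
#!/usr/bin/env bash
# Added example: toggle a 0.0.0.0/0 route on an existing Client VPN endpoint,
# authorized for a single group only. All IDs are constructed placeholders.
ENDPOINT_ID="${ENDPOINT_ID:-cvpn-endpoint-EXAMPLE}"
SUBNET_ID="${SUBNET_ID:-subnet-EXAMPLE}"
GROUP_ID="${GROUP_ID:-EXAMPLE-GROUP-ID}"
DRY_RUN="${DRY_RUN:-1}"   # 1 = only print the commands, 0 = execute them

run() {
  if [ "$DRY_RUN" = "1" ]; then
    echo "$*"
  else
    "$@"
  fi
}

full_tunnel_on() {
  # Route: send every destination through the associated subnet.
  run aws ec2 create-client-vpn-route \
    --client-vpn-endpoint-id "$ENDPOINT_ID" \
    --destination-cidr-block 0.0.0.0/0 \
    --target-vpc-subnet-id "$SUBNET_ID"
  # Authorization: only members of GROUP_ID may use that route.
  run aws ec2 authorize-client-vpn-ingress \
    --client-vpn-endpoint-id "$ENDPOINT_ID" \
    --target-network-cidr 0.0.0.0/0 \
    --access-group-id "$GROUP_ID"
}

full_tunnel_off() {
  # Revoke access first, then drop the route.
  run aws ec2 revoke-client-vpn-ingress \
    --client-vpn-endpoint-id "$ENDPOINT_ID" \
    --target-network-cidr 0.0.0.0/0 \
    --access-group-id "$GROUP_ID"
  run aws ec2 delete-client-vpn-route \
    --client-vpn-endpoint-id "$ENDPOINT_ID" \
    --destination-cidr-block 0.0.0.0/0 \
    --target-vpc-subnet-id "$SUBNET_ID"
}

case "${1:-}" in
  on)  full_tunnel_on ;;
  off) full_tunnel_off ;;
esac
```

Run it with `on` or `off` as the argument; with the default `DRY_RUN=1` it only prints the AWS CLI calls. The associated subnet also needs its own route to the internet for the traffic to leave the VPC.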