ramaraosrikakulapu
commented
2 years ago Upon the discussion here is the arch diagram for the use case -
- EC Server is running from a VPN and connecting to target resource. VPN network is secured with proxy for connecting to public network.
- EC gateway is running from and AWS VPC (AWS VPC - 2), where all EC gateways maintained for the customer. VPN and 'AWS VPC - 2' are connected with 'Direct Connect' and accessible via secure channels with 'no proxy' settings.
- So EC server must add gateway DNS name to the 'no proxy' to be able to connect to the gateway.
- EC Client is running in customer owned VPC (AWS VPC - 1) and windows EC2 machine. 'AWS VPC 1' is secured with a custom proxy server and all the network traffic to public network will go through the proxy configured on VPC.
- Customer VPC (AWS VPC 1) has 'Direct connect' with 'AWS VPC - 2' and accessible via secure channel with 'no proxy' settings.
- Created network adaptor and added target system IP's to the client windows local loopback adaptor.
- Root cause for connection failure: Since customer VPC (AWS VPC 1) is secured with custom proxy, all the traffic is going through the proxy servers. And EC client is trying to connect to the gateway and target system via public network.
- Solution: Add gateway DNS name, target system DNS names and/or IP range to 'no proxy' in the client windows EC2 machine. So that all traffic to gateway and target system will use 'Direct Connect' between the networks.
Scenario: Customer had reported an issue for 'Connection failure' for windows VLAN