AWS VPN NAT'ing

Question

This seems like a basic questions, but I'm having difficulty finding an appropriate solution.

I have a VPN connection to AWS and need to access my EC2 instance at, say, 10.1.0.40, but I already have a subnet locally for 10.1.0.x/24. How can I NAT the address in AWS so that when it receives data through this VPN, it maps, say 10.1.50.40 to 10.1.0.40?

This seems like it would be a pretty basic request, but I can't seem to find the solution on AWS. NAT instances and NAT gateways all talk about accessing the Internet from a private server and seem to have little to do with this simple address translation from a VPN connection.

What am I missing?

Thank you!

Answer 1

You cannot use AWS NAT Gateway or an EC2 instance to solve the problem of CIDR overlap when setting up a VPN connection. For this to work either

• NATing should happen from On-Premise.
• Create a new private subnet to represent in your VPC side.
• To user Third-party VPN solution hosting on an EC2 instance which supports your use case, instead of using VPC native VPN.

For more details go through this AWS Forum Discussion.