How can a Client VPN user get a static IP address to access the internet?
Last updated: 2021-05-12
How can I allow AWS Client VPN users access to the internet with a static public IP address?
Follow these instructions to create a NAT gateway and allow a Client VPN user to access the internet.
Note: Creating a NAT gateway results in additional AWS charges. For more information, see NAT gateway pricing.
2. Follow the instructions to create a NAT gateway with the public subnet. The NAT gateway is assigned an Elastic IP address. Note this example route table:
Route table for the public subnet associated with the NAT gateway: 0.0.0.0/0 Target destination Internet Gateway (IGW)
3. Associate the Client VPN endpoint with the private subnet. The private subnet has a route to the internet through the NAT gateway. Note this example route table:
Route table for the private subnet associated with the Client VPN endpoint: 0.0.0.0/0 Target destination nat-abcdbac(NAT Gateway)
4. Add a Client VPN endpoint destination route 0.0.0.0/0 or the destination's public IP address range on the Client VPN route table. For the target VPC subnet ID, select the private subnet from step 3. For more information, see create an endpoint route.
5. Add an authorization rule to enable access to the internet (0.0.0.0/0), or the specified public network IP address. For more information, see create a Client VPN authorization rule.