How do I resolve Amazon VPC peering network connectivity issues?

Last updated: 2018-11-15

I can't establish an Amazon Virtual Private Cloud (Amazon VPC) peering connection between my VPCs. How can I resolve this?

Short description

VPC peering network connectivity failures are typically the result of incorrect or missing route tables or firewall rules. VPCs in a peering connection must be able to communicate with each other as if they are within the same network to route traffic between them using private IP addresses.


  1. Verify that the VPC peering connection is in the Active state.
  2. Be sure to update your route tables for your VPC peering connection. Verify that the correct routes exist for connections to the IP address range of your peered VPCs through the appropriate gateway.
  3. Verify that an ALLOW rule exists in the network access control (network ACL) table for the required traffic.
  4. Verify that the security group rules allow network traffic between the peered VPCs.
  5. Verify using VPC flow logs that the required traffic isn't rejected at the source or destination. This rejection might occur due to the permissions associated with security groups or network ACLs.
  6. Be sure that no firewall rules block network traffic between the peered VPCs. Use network utilities such as traceroute (Linux) or tracert (Windows) to check rules for firewalls such as iptables (Linux) or Windows Firewall (Windows).

Did this article help?

Do you need billing or technical support?