Why can't I access my classic virtual server instance privately through a client-to-site VPN server after I integrate with Transit Gateway?
After I try to access classic infrastructure through a client-to-site VPN server that is integrated with Transit Gateway, where the allocated client IP pool is not in the 10.x.x.x range, I still cannot access my virtual server instances on classic through their private IP addresses, even though the client-to-site VPN connection is up and running.
By default, your classic virtual server instance is configured to route through the public interface and has no route for traffic to the on-premises or remote private network.
Follow the steps to resolve this issue:
- Navigate to Classic Infrastructure > Devices and locate the virtual server instance.
- Use your preferred way of virtual server management to access your classic virtual server instance through its public IP address.
- In the Network details table, find the gateway of the private interface by hovering over the information icon of the IP address.
- Add a route to specify the destination CIDR and the gateway IP. As an example, in the following command for Linux, 10.240.5.0/24 is the CIDR of your network on-premises and 10.188.170.65 is the gateway of the private IP address.
  ip route add 10.240.5.0/24 via 10.188.170.65
For more details about adding routes on different operating systems, see How do I add the new routing for an operating system?.
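
The last step, as an added example that is not part of the original page: a shell script that adds the route only when it is missing and refuses to change a route that already points at a different gateway. DEST and GW are the page's sample values; the `apply` argument, the function names, the interface names and the 203.0.113.1 public default gateway in the sample routing table are constructed for illustration.

```shell
#!/bin/sh
# Added example: idempotent version of the "add a route" step.
DEST="10.240.5.0/24"   # CIDR of the on-premises network (page's sample value)
GW="10.188.170.65"     # gateway of the private interface (page's sample value)

# Constructed sample of `ip route show` output on a classic instance whose
# default route leaves through the public interface (eth1).
SAMPLE_ROUTES='default via 203.0.113.1 dev eth1
10.188.170.64/26 dev eth0 proto kernel scope link src 10.188.170.70
203.0.113.0/28 dev eth1 proto kernel scope link src 203.0.113.5'

# route_gateway TABLE DEST: print the gateway of the exact route for DEST.
route_gateway() {
    printf '%s\n' "$1" |
        awk -v dest="$2" '$1 == dest && $2 == "via" { print $3; exit }'
}

# route_state TABLE DEST GW: print ok, missing or conflict.
route_state() {
    current=$(route_gateway "$1" "$2")
    if [ -z "$current" ]; then
        echo missing
    elif [ "$current" = "$3" ]; then
        echo ok
    else
        echo conflict
    fi
}

# ensure_route DEST GW: read the live table and add the route if needed (root).
ensure_route() {
    case $(route_state "$(ip route show)" "$1" "$2") in
        ok)       echo "route to $1 via $2 already present" ;;
        missing)  ip route add "$1" via "$2" && echo "added route to $1 via $2" ;;
        conflict) echo "route to $1 uses another gateway; leaving it unchanged" >&2
                  return 1 ;;
    esac
}

# Nothing is changed unless the script is called with the argument "apply".
if [ "${1:-}" = "apply" ]; then
    ensure_route "$DEST" "$GW"
fi
```

Run it as root with the argument `apply` on the classic virtual server instance. A route added with `ip route add` does not survive a reboot, so it has to be made persistent through the operating system's network configuration.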