
I have a load balancer in AWS, and I want to restrict access in its security group so that it is accessible only from my OpenVPN server.

Now, I would like to use

push "route a.b.c.d 255.255.255.255"

in server.conf, in order to advertise the load balancer address to VPN clients as being accessible through the VPN.

The problem here is that AWS uses CNAMEs for pointing to load balancers, such as MyDomainELB-918273645.us-east-1.elb.amazonaws.com, instead of IPs.

How could I advertise to my clients that AWS load balancers should be reached through the VPN?

jmhostalet

1 Answer


I've found the solution: using an AWS internal load balancer instead of an AWS "internet-facing" load balancer. Then a CNAME pointing to the load balancer will resolve to an internal IP; the subnet of this IP must be pushed as a route in the OpenVPN config file.

jmhostalet
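
One way to derive the push directives the answer describes, as an added example that is not the poster's code: take the addresses the load balancer name resolves to, reject any public address, and emit one route per containing subnet. The subnet CIDRs and addresses are constructed sample values, and `resolve` and `push_routes` are hypothetical helper names.

```python
import ipaddress
import socket

# Constructed sample values: subnets the internal load balancer is attached to.
VPC_SUBNETS = ["10.0.1.0/24", "10.0.2.0/24"]


def resolve(hostname):
    """Return the sorted set of IPv4 addresses the name currently resolves to."""
    infos = socket.getaddrinfo(hostname, None, socket.AF_INET, socket.SOCK_STREAM)
    return sorted({info[4][0] for info in infos})


def push_routes(addresses, subnets=VPC_SUBNETS):
    """Map resolved load balancer IPs to OpenVPN push "route" lines.

    Raises ValueError if an address is public (the name points at an
    internet-facing load balancer) or lies outside every listed subnet.
    """
    nets = [ipaddress.ip_network(s) for s in subnets]
    needed = []
    for addr in map(ipaddress.ip_address, addresses):
        if not addr.is_private:
            raise ValueError(f"{addr} is public: not an internal load balancer")
        match = next((n for n in nets if addr in n), None)
        if match is None:
            raise ValueError(f"{addr} is not in any listed subnet")
        if match not in needed:
            needed.append(match)  # one route per subnet, in first-seen order
    return [f'push "route {n.network_address} {n.netmask}"' for n in needed]


if __name__ == "__main__":
    # Constructed addresses standing in for resolve("<internal load balancer name>").
    for line in push_routes(["10.0.1.37", "10.0.2.114", "10.0.1.201"]):
        print(line)
```

Because the load balancer's addresses can change within its subnets, the routes cover whole subnets rather than the single-host mask from the question.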