Amazon is hosting an application server my users access via RDP (10.0.0.110).
We have an IPSec connection to the Amazon VPC via SRX300.
I need to give my users access to this Amazon resource from various locations around the country as they travel for the next 10 days; instead of opening a connection directly to the VM via Amazon gateway or managing all the various IP addresses they will be using, I would like to use the SRX.
Ideally my users would use RDP to hit the public IP address of our SRX using a port other than 3389 (173.161.47.x:3456) and be directed to the application server (10.0.0.110:3389) over the IPSec connection.
I have tried to make this happen several times with zero luck.
I don't have any examples of my failures; when they did not work I rolled back the configuration. Also, I am actually on vacation but need to come up with a solution this weekend if I can.
Traffic between Amazon and my local internal network works flawlessly.
routing-options {
    static {
        route 10.0.0.0/16 next-hop [ st0.1 st0.2 ];    <-- Local network to Amazon
        route 0.0.0.0/0 next-hop 173.161.47.x;         <-- Local network to public internet
        route 192.168.2.0/24 next-hop st0.3;           <-- Traffic to remote office over IPSec
        route 192.168.3.0/24 next-hop st0.3;           <-- Traffic to remote office over IPSec
    }
}
Any direction would be greatly appreciated.
To sum it up:
Traffic hits the SRX over public IP 173.161.47.x:3456, is sent through to the Amazon app server over the IPSec VPN (10.0.0.110:3389), and remote desktop magic happens.