When you create a Client VPN endpoint route, you specify how traffic for the destination network should be directed.
To allow clients to access the internet, add a destination 0.0.0.0/0 route.
You can add routes to a Client VPN endpoint by using the console and the AWS CLI.
To create a Client VPN endpoint route (console)
Open the Amazon VPC console at https://console.aws.amazon.com/vpc/
. -
In the navigation pane, choose Client VPN Endpoints.
-
Select the Client VPN endpoint to which to add the route, choose Route table, and then choose Create route.
-
For Route destination, specify the IPv4 CIDR range for the destination network. For example:
-
To add a route for the VPC of the Client VPN endpoint, enter the VPC's IPv4 CIDR range.
-
To add a route for internet access, enter
0.0.0.0/0. -
To add a route for a peered VPC, enter the peered VPC's IPv4 CIDR range.
-
To add a route for an on-premises network, enter the AWS Site-to-Site VPN connection's IPv4 CIDR range.
-
-
For Subnet ID for target network association, select the subnet that is associated with the Client VPN endpoint.
Alternatively, if you're adding a route for the local Client VPN endpoint network, select
local. -
(Optional) For Description, enter a brief description for the route.
-
Choose Create route.
To create a Client VPN endpoint route (AWS CLI)
Use the create-client-vpn-route
