IPSec Tunnel VyOS+AWS: Cannot communicate from router to other side

I have a site (192.168.1.0/24) with a VyOS-based router connecting to an AWS VPC (10.7.0.0/16) through an IPSec tunnel set up with dynamic routing (BGP). The tunnel itself works: the clients on site can ping and access the servers inside the VPC. However, when I try to ping or access them from the router, it fails.

My research so far has led me to believe that the router sends its pings out the wrong interface (to the ISP instead of the tunnel). If I specify the router's source address while doing a ping it works: /bin/ping -I 192.168.1.1 10.7.0.1

However, I need the router to not only do pings, but also send DNS queries inside the VPC. How can I configure it so that traffic that originates from the router and that is directed at hosts inside 10.7.0.1/16 also goes through the tunnel?

0
asked 22 July 2016 at 17:33
1 answer

I'm not a networking expert (I came across your question while searching for an answer), but shouldn't you be using "ping xx.xx.xx.xx source yy.yy.yy.yy" when pinging from the router? Here yy.yy.yy.yy is the router's internal address.

0
answered 5 December 2019 at 09:44