IPsec remote networks issue

I have a Peplink Balance 210 (HW rev. 4, firmware 8.0.0) and I’ve run into an odd issue with an IPsec VPN tunnel that we have configured.

This tunnel is connected to an AWS site-to-site VPN, which itself is connected to an AWS transit gateway that routes to a few different VPCs in our AWS account.

Initially, the transit gateway was only configured to route to a single VPC so in our Peplink IPsec config I had only one network (172.16.1.0/24) configured in the “remote networks” section, and it worked fine. Recently, I added another VPC connection to the transit gateway and configured the VPC’s network range with the additional subnet (172.16.2.0/24). However, since I added the extra remote network I can no longer connect to the servers in the original VPC (172.16.1.0/24). If I remove the 172.16.2.0/24 from the VPN remote network config, then I’m able to connect to the instances in 172.16.1.0/24 again.

Any idea what the problem is here? It could very well be an issue at the AWS end, but since neither AWS nor the Balance 210 have any way to view VPN logs at a useful level, I can’t tell what’s going on. Should this be working the way I assume, or am I doing it wrong?

Thanks,
Guy

Please help to open ticket and attention to me. I believe some settings need to be fine-tuned.

Thanks.

Thanks, I went ahead and did that.