I am so close to a successful AWS IPSec tunnel to my on-premises (test) PA200 7.1.15.
I've downloaded the configuration file and am using it as a guide (IPs, etc.).
But I've been using this article to configure it. The main difference is that I created a specific AWS zone, like I do for all my IPSec tunnels.
I am able to access my on-premises environment from the AWS EC2 instance, but not from on-premises to the AWS EC2 instance 172.31.24.69.
I can't ping it or connect to the EC2 instance via RDP. I see the ping attempts in the traffic log, but nothing shows up in a packet trace for the RDP attempts. UPDATE: Resolved after correcting the IPs for PBF and the RDP connection from the LAN.
AWS has two VPN connections for redundancy. I have both configured and active.
NOTE: My Azure IPSec tunnel works great!
Configured tunnel interfaces according to the AWS text document.
Configured a tunnel monitor profile.
Configured PBF as referenced in the documentation. (Corrected)
Configured static routes for both VPN connections (different metrics).
Created security rules in and out for the AWS zone, open.
No additional NAT rules, just the basic outbound internet rule to Untrust. (Corrected)
A ping from a VM inside my LAN ages out. Nothing shows up when I try to RDP, including in a packet trace, not even a drop file.
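For reference, the steps listed above (tunnel interfaces in a dedicated AWS zone, a tunnel monitor profile, two static routes with different metrics, a PBF rule from the LAN, and open security rules) as PAN-OS "set" commands. This is an added example, not the poster's configuration or the AWS-generated file: the zone names (LAN, AWS), tunnel names, monitor profile name, the 169.254.x.x/30 inside addresses and the 172.31.0.0/16 VPC prefix are placeholders, and the IKE gateway, IPSec crypto and proxy-ID settings that the AWS text document supplies are omitted. Lines starting with # are annotations for the reader, not CLI input. The point the resolution note makes is captured in the PBF rule: its destination must cover 172.31.24.69 and its next hop must be the AWS-side inside tunnel address from the downloaded file, otherwise LAN traffic is steered into the tunnel with a next hop that never answers and nothing useful appears in a capture.

```text
# Assumed placeholders (not from the post):
#   LAN / AWS          = source zone / dedicated AWS zone
#   tunnel.1, tunnel.2 = the two AWS VPN connections
#   169.254.10.2/30, 169.254.20.2/30 = PA-side inside IPs (from the AWS file)
#   169.254.10.1, 169.254.20.1       = AWS-side inside IPs (from the AWS file)
#   172.31.0.0/16      = VPC CIDR that contains 172.31.24.69

# 1. Tunnel interfaces, placed in the AWS zone and the virtual router
set network interface tunnel units tunnel.1 ip 169.254.10.2/30
set network interface tunnel units tunnel.1 mtu 1427
set network interface tunnel units tunnel.2 ip 169.254.20.2/30
set network interface tunnel units tunnel.2 mtu 1427
set zone AWS network layer3 [ tunnel.1 tunnel.2 ]
set network virtual-router default interface [ tunnel.1 tunnel.2 ]

# 2. Tunnel monitor profile, bound to each IPSec tunnel (AWS-side inside IP as target)
set network profiles monitor-profile AWS-Monitor action fail-over interval 3 threshold 5
set network tunnel ipsec AWS-VPN-1 tunnel-interface tunnel.1
set network tunnel ipsec AWS-VPN-1 tunnel-monitor enable yes destination-ip 169.254.10.1 tunnel-monitor-profile AWS-Monitor
set network tunnel ipsec AWS-VPN-2 tunnel-interface tunnel.2
set network tunnel ipsec AWS-VPN-2 tunnel-monitor enable yes destination-ip 169.254.20.1 tunnel-monitor-profile AWS-Monitor

# 3. Static routes to the VPC over both tunnels, different metrics (tunnel.1 preferred)
set network virtual-router default routing-table ip static-route AWS-VPC-t1 destination 172.31.0.0/16 interface tunnel.1 nexthop ip-address 169.254.10.1 metric 10
set network virtual-router default routing-table ip static-route AWS-VPC-t2 destination 172.31.0.0/16 interface tunnel.2 nexthop ip-address 169.254.20.1 metric 20

# 4. PBF from the LAN zone: destination must cover the EC2 address, next hop is the
#    AWS-side inside IP; the rule is disabled automatically if the monitor target fails
set rulebase pbf rules LAN-to-AWS-PBF from zone LAN
set rulebase pbf rules LAN-to-AWS-PBF source any
set rulebase pbf rules LAN-to-AWS-PBF destination 172.31.0.0/16
set rulebase pbf rules LAN-to-AWS-PBF application any
set rulebase pbf rules LAN-to-AWS-PBF service any
set rulebase pbf rules LAN-to-AWS-PBF action forward egress-interface tunnel.1 nexthop ip-address 169.254.10.1
set rulebase pbf rules LAN-to-AWS-PBF action forward monitor profile AWS-Monitor disable-if-unreachable yes ip-address 169.254.10.1

# 5. Open security rules in both directions for the AWS zone
set rulebase security rules LAN-to-AWS from LAN to AWS source any destination any application any service any action allow
set rulebase security rules AWS-to-LAN from AWS to LAN source any destination any application any service any action allow

# 6. Checks after commit: which route and which PBF rule a LAN-to-EC2 RDP flow hits,
#    and whether the tunnels and monitors are up
test routing fib-lookup virtual-router default ip 172.31.24.69
test pbf-policy-match from LAN to AWS source 10.0.0.10 destination 172.31.24.69 protocol 6 destination-port 3389
show vpn tunnel
show vpn flow
```

The fib-lookup and pbf-policy-match tests are the quickest way to see the symptom in the post: if the PBF rule's destination or next hop is wrong, the policy match still reports the rule as hit while the route lookup shows the intended tunnel, and the packet leaves via PBF before the routing decision is made, which is why the LAN-side capture can stay empty. Only once both tests point at a tunnel whose monitor is up does the ping from the LAN stop aging out.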