On 16 Nov 2016, at 19:42, Mathew Marulla <matt_m at me.com> wrote: > Confused now... Is your VPN entirely within AWS? Yes. > If not, how are you connecting over the public internet with a private IP? I don’t. I connect to the EIP. But StrongSWAN don’t need to know that.