I am trying to host Pritunl VPN on EC2 instance which is in private subnet(no public IP). The idea is to host it via
1) Application Load Balancer
The issue with this approach is, Pritunl uses UDP protocol for connection but ALB doesn't support UDP.
2) Network Load Balance
I created NLB with listeners for TCP 80 and 443 ports. Security groups are allowing access to these ports from everywhere(just for test). But when I try to use URL, hosted using route53 with NLB as an alias, it gives me 'ERR_EMPTY_RESPONSE'.
I tried this whole setup using EC2 on public IP address and everything works fine.
Can someone tell me what's the best approach to handle this?
Create a Target group of target type ALB and route traffic from port 80 to 443 and route traffic of port 443 to a Target group of target type Instance and add the Pritunl instance to it Both target groups should use port 443 as target port, as the pritunl by default runs on port 443.. From the NLB create Listeners TCP 80 and TCP 443 and route them to the above TG.
NLB LISTNERS
Target groups