More information when creating a new SSTP VPN connection to an Amazon AWS Windows Server

After creating a new SSTP connection and installing the certificate there are some additional steps that can be followed.

Those are in order not to route all Internet Traffic through the Amazon AWS Windows VPN and NAT server.

Here are the steps:

1. Right click the VPN connection adaptor -> Go to Properties and under Advanced config make sure "Use default gateway on remote network" is unchecked.

2. Connect to the VPN Server

3. As connection is succesful, there are no active routes to the private network instances. In order for this to be possible, following command needs to be run as administrator:
route add 10.0.1.10 mask 255.255.255 172.19.3.0

where:
10.0.1.10 - Private IP of the instance to be accessed via RDP
172.19.3.0 - VPN IP for the VPN and NAT Windows Server

4. You should now be able to RDP into the private instance.

5. The newly added routes should be automatically removed on VPN disconnect. If not, they can be automatically removed using:
route delete 10.0.1.10