Unable to Access AWS EC2 Resources over Site-to-Site VPN
We have a site-to-site VPN set up between our VPC (vpc-6d9c8505, 172.31.0.0/16) and our office network (10.253.1.0/24) using a SonicWall TZ-400. The SonicWall shows both tunnels up, and I can ping our EC2 instances, but I can't RDP into them. I can also ping from the EC2 server to local resources, but can't access them (i.e. it pings my printer, but can't print to it). RDP and accessing network shares DO work using the Client VPN Endpoint (via OpenVPN).
Note: This WAS working prior to us trying to replace our old unmanaged switch between the SonicWall and the office LAN with the TP-Link. Now, even if I put the unmanaged switch back in place, it still fails. Since the VPN client works, it fails with both switches, and security is completely open on the AWS side, the only thing I'm really left with is the SonicWall.
Tried so far:

- Added an Allow All 0.0.0.0/0 rule to our AWS Security Group and Allow All in ACLs. All incoming/outgoing is currently open on the AWS VPC side.
- RDP works over the VPN client, but not the site-to-site VPN, which should rule out RDP itself being blocked at my PC or the EC2 server.
- Ping and tracert from PC to EC2 are successful; RDP and telnet over 3389 fail (site-to-site VPN only) in both directions. Printing from the EC2 instance to the office printer also fails, so it's not specific to 3389.
Network layout:

- Verizon Router (192.168.1.1 internal, 96.x.x.x public)
- Site-to-site VPN to AWS Resources
- TP-Link T1600G-28PS Switch: no VLANs, QoS, or security configured. Aside from changing the interface from the default 192.168.0.1, it's as unmanaged as it can get out of the box.
- Office Network (10.253.1.0/24)
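The symptom described in the post (ICMP reaches the far side but a TCP handshake to 3389 never completes) is easier to pin down when the port test reports *how* it failed rather than just "it doesn't work": a connection that is refused means the host was reached and answered, while one that times out means something in the path swallowed the SYN or the reply. The script below is an added example for that triage, not code from the original post; the triage text in `interpret()` is general firewall/VPN troubleshooting guidance and is my assumption about what to check next, not a finding from the post, and the 127.0.0.1 listener in `self_check()` is constructed so the example runs offline.

```python
import socple_placeholder_never_used  # noqa  (placeholder removed below)
```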