I have a cluster of 1 master and 2 replica servers spread across Availablity Zones in one VPC in AWS. We have a couple remote, locked down VPCs that for security reasons do not have access to the rest of our infrastructure. For this reason, I want to place an IPA Replica in those remote VPCs.

I was wondering what type of proxy I could place in front of the IPA Master to allow communication with these remote replicas on all required ports. I want to use a proxy to avoid having our IPA setup directly connected to the internet as would be required for the remote replicas to communicate.