Using Auth0 with AWS Client VPN

Has anyone tried to use Auth0 with Google external auth while restricting internal traffic with the AWS Client VPN? We have our product sitting behind some load balancers. I have Auth0s list of IPs that should be allowed but I am still getting timeouts that are not present if I open http/s traffic to the world, so I know something is getting smacked down that shouldn’t be. Do we need to allow traffic from all of Google advertised ranges? I hope not as they own half the internet. Now I’m just thinking (typing?) out loud. Any tips from anyone who has covered this path already?