So you’ve configured your customer gateway to advertise your internal networks to your AWS virtual gateway, and can confirm that internal traffic is being forwarded through the tunnels towards Amazon, yet none of this traffic reaches your instances within your VPC.
This is because the virtual gateway will not automatically install any routes being advertised by your on-premises customer gateway! You must define these networks by hand in the Routes section of your VPC.
To confirm this, you can use CloudWatch to monitor the network interfaces of your instances and gateways.
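The route table itself can also be checked for the missing entries described above. The following is an added example, not part of the original post: it takes one route table in the JSON shape returned by `aws ec2 describe-route-tables` and reports which on-premises networks have no active route to the virtual gateway. The sample table, the `vgw-EXAMPLE`, `igw-EXAMPLE` and `rtb-EXAMPLE` IDs, the CIDRs and the function names are all constructed for illustration.

```python
import ipaddress

# Constructed sample in the shape of one "RouteTables" element from
# `aws ec2 describe-route-tables`; all IDs and CIDRs are placeholders.
SAMPLE_ROUTE_TABLE = {
    "RouteTableId": "rtb-EXAMPLE",
    "Routes": [
        {"DestinationCidrBlock": "10.20.0.0/16", "GatewayId": "local", "State": "active"},
        {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-EXAMPLE", "State": "active"},
        {"DestinationCidrBlock": "192.168.10.0/24", "GatewayId": "vgw-EXAMPLE", "State": "active"},
        {"DestinationCidrBlock": "172.16.0.0/16", "GatewayId": "vgw-EXAMPLE", "State": "blackhole"},
    ],
}

def effective_route(route_table, cidr):
    """Return the most specific IPv4 route whose destination contains all of cidr."""
    net = ipaddress.ip_network(cidr)
    best, best_len = None, -1
    for route in route_table["Routes"]:
        dest = route.get("DestinationCidrBlock")
        if dest is None:  # IPv6 and prefix-list routes are out of scope here
            continue
        dest_net = ipaddress.ip_network(dest)
        if net.subnet_of(dest_net) and dest_net.prefixlen > best_len:
            best, best_len = route, dest_net.prefixlen
    return best

def missing_return_routes(route_table, vgw_id, onprem_cidrs):
    """Map each on-premises CIDR without an active route to vgw_id to the reason."""
    problems = {}
    for cidr in onprem_cidrs:
        route = effective_route(route_table, cidr)
        if route is None:
            problems[cidr] = "no matching route"
        elif route.get("GatewayId") != vgw_id:
            # Typical symptom: return traffic follows the default route instead.
            problems[cidr] = "routed to " + (route.get("GatewayId") or "another target")
        elif route.get("State") != "active":
            problems[cidr] = "route state is " + str(route.get("State"))
    return problems

if __name__ == "__main__":
    advertised = ["192.168.10.0/24", "192.168.20.0/24", "172.16.5.0/24"]  # constructed
    for cidr, why in missing_return_routes(SAMPLE_ROUTE_TABLE, "vgw-EXAMPLE", advertised).items():
        print(cidr, "->", why)
```

Run it against the route table associated with the subnet your instances live in, passing the networks your customer gateway advertises.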