how complicated is a VPN between AWS regions

Need help configuring your VPN? Just post here and you'll get that help.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
Skaperen
OpenVPN Power User
Posts: 89
Joined: Fri Aug 05, 2011 3:02 pm
Contact:

how complicated is a VPN between AWS regions

Post by Skaperen » Wed May 03, 2017 9:48 am

how complicated is it to set up a VPN between two AWS regions? has anyone here ever done it? is OpenVPN a good choice for this? what type of instance would it need? are there any instructions online specifically for this?

BenHar
OpenVPN User
Posts: 24
Joined: Wed Feb 22, 2017 10:37 am

Re: how complicated is a VPN between AWS regions

Post by BenHar » Wed May 03, 2017 10:18 am

Amazon Virtual Private Cloud (Amazon VPC) offers a comprehensive set of virtual networking capabilities that provide AWS customers with many options for designing and implementing networks on the AWS cloud. With Amazon VPC, customers can provision logically isolated virtual networks to host their AWS resources. Customers can create multiple VPCs within the same region or in different regions, in the same account or in different accounts.

Read it on aws.amazon.com search it and there's a guide for this setting.

Skaperen
OpenVPN Power User
Posts: 89
Joined: Fri Aug 05, 2011 3:02 pm
Contact:

Re: how complicated is a VPN between AWS regions

Post by Skaperen » Thu May 04, 2017 1:58 am

so VPCs can just be connected together?

doing nothing, VPCs in the same region are "connected" ... traffic from one addressed to another does get there ok, but between regions requires addressing the public IP address and security group setup to allow it through. lots of work each time.

BenHar
OpenVPN User
Posts: 24
Joined: Wed Feb 22, 2017 10:37 am

Re: how complicated is a VPN between AWS regions

Post by BenHar » Tue Jun 13, 2017 12:32 pm

Skaperen wrote:so VPCs can just be connected together?

doing nothing, VPCs in the same region are "connected" ... traffic from one addressed to another does get there ok, but between regions requires addressing the public IP address and security group setup to allow it through. lots of work each time.

Yes exactly!

Skaperen
OpenVPN Power User
Posts: 89
Joined: Fri Aug 05, 2011 3:02 pm
Contact:

Re: how complicated is a VPN between AWS regions

Post by Skaperen » Sat Jul 08, 2017 6:45 am

that's why i wrote a script to auto-configure it and built it into an AMI. just launch the AMI in 2 regions and the 2 instances find each other and share a key via tags. it even includes address translation in the OpenVPN configuration to deal with VPCs having the same IPs. launch more instances in other regions (one instance per region) and they automatically build tunnels between all regions (91 tunnels for 14 regions).

Nacmac
OpenVpn Newbie
Posts: 1
Joined: Fri Jul 14, 2017 8:05 pm

Re: how complicated is a VPN between AWS regions

Post by Nacmac » Fri Jul 14, 2017 8:06 pm

that's why i wrote a script to auto-configure it and built it into an AMI. just launch the AMI in 2 regions and the 2 instances find each other and share a key via tags. it even includes address translation in the OpenVPN configuration to deal with VPCs having the same IPs. launch more instances in other regions (one instance per region) and they automatically build tunnels between all regions (91 tunnels for 14 regions).
That sounds amazing. Is that code available somewhere (github, etc)?

Skaperen
OpenVPN Power User
Posts: 89
Joined: Fri Aug 05, 2011 3:02 pm
Contact:

Re: how complicated is a VPN between AWS regions

Post by Skaperen » Thu Jul 20, 2017 1:08 am

i am not releasing this source code. the current plan is to market the AMI with a free-trial period.

anxjk
OpenVpn Newbie
Posts: 3
Joined: Wed Jan 04, 2017 3:06 pm

Re: how complicated is a VPN between AWS regions

Post by anxjk » Wed Aug 02, 2017 1:39 am

Skaperen wrote:i am not releasing this source code. the current plan is to market the AMI with a free-trial period.
Do you have a link?

Post Reply