AWS/OpenVPN Site-to-Site question
Posted: Tue Dec 13, 2022 6:23 pm
I work for an IT MSP and we have a client that works with hospitals to consume healthcare data. Essentially how it works is we establish a VPN tunnel on our client's Cisco ASA Firewall to connect to the hospital's firewall as a site-to-site. Currently, we have over 100 tunnels on the firewall and we are looking for a solution to off-load some of that traffic.
The idea is to leverage AWS and OpenVPN, but I would like to know if this idea is possible. I've been playing around with OpenVPN Cloud and I have concerns if it will work or not.
The idea is to have a connector on AWS pointing to our client's network/Cisco Firewall and then set up a connector on AWS pointing to a hospital's network/their firewall. The traffic will go through AWS/OpenVPN and redirect toward our client's network and vice versa. When new hospitals come up to establish a VPN tunnel with our client, we can then just create a new connector for that hospital. If this works, we would like to start off-loading the hospitals that have an established tunnel to the Cisco Firewall and have them go through AWS/OpenVPN Cloud.
From what I understand (but could be wrong), we would also need a connector installed on the client's network and one on the hospital's network in order for them to actually communicate with AWS/OpenVPN Cloud, which would not be viable. The hospitals would most likely have an issue installing the connector on their network.
Hopefully I was able to explain this well and I am looking for any guidance if this idea is even possible with OpenVPN.