OpenVPN, OpenSwan, and AWS VPC

For the last week or so I have been working on the content of Linux Academy’s new Hybrid AWS Technologies course. Going through the OpenVPN and OpenSwan lessons, I thought it the perfect opportunity to talk a little bit about how awesome these open source VPN solutions are.

If you’ve gone through any of our AWS courses at the Linux Academy you probably already know that Amazon VPC has built-in functionality that you can use to connect your on-premises network to your VPC instances on the Amazon cloud. But if you’re a business that already runs an OpenVPN or OpenSwan VPN server on your on-premises networks, then today I want to talk a little bit about connecting those two environments.

There are several ways in which you can set up VPN access to provide secure access to your private resources within AWS. One popular method is to spin up an OpenVPN instance in your AWS cloud and use a client to connect from your client machines into your VPC, giving you secure access to all the resources. There is an easy-to-use client that installs on Windows, Linux, OSX and even most smartphones. This method is a great way for developers to gain access to private SQL resources and the like without opening up unnecessary ports into those servers from the public internet.

But what if you have a whole office of employees that need access to internal resources on a regular basis? Wouldn’t it be nice to just have an always-on connection from that entire network to all your private AWS resources? Well, the good news is you can very easily set up a site-to-site VPN connection that ties your offices and remote data centers seamlessly into your AWS VPC networks! In the new Hybrid AWS Technologies course I go over how easy it is to set up an OpenVPN Access Server so you can achieve secure connections on the fly and on the cheap.

Once you can tie your data centers into your Amazon cloud, imagine the possibilities. We can add Windows Active Directory domain controllers inside the AWS VPC so that we can start to use our organizations' existing user identities. And in the last few weeks, since Amazon announced their new AWS Management Portal for vCenter, we can now start to migrate the server images that we have grown to trust in our vSphere environments and push them right on up into Amazon EC2! I’ll have more on that subject very soon in my follow-up post about Amazon's new vCenter tool. What cool and exciting possibilities can you start to take advantage of now that you have a real hybrid cloud? All of your resources are now one between your traditional data center and your AWS cloud data centers. Will you start to migrate all of your services to the cloud, or will you just run certain application stacks in AWS? The possibilities are endless.

Stephen Smith

Stephen Smith is a Systems Infrastructure Security Engineer with over 16 years of architecting experience. He has been with Linux Academy since the beginning and teaches courses on Linux, AWS, Azure, and OpenStack. Stephen's passion is OpenStack; he holds many certifications and is very active within the OpenStack Foundation's community.