Install OpenVPN on Ubuntu in AWS (Client to Site VPN)

Рет қаралды 10,310

Anton Putra

Күн бұрын

Пікірлер: 37

@AntonPutra Жыл бұрын

🔴 - To support my channel, I’d like to offer Mentorship/On-the-Job Support/Consulting - me@antonputra.com

@AntonPutra Жыл бұрын

👉 How to Manage Secrets in Terraform - kzbin.info/www/bejne/aX-TpXqBrNt1mqM 👉 Terraform Tips & Tricks - kzbin.info/www/bejne/bYScZaKLid5lsJY 👉 ArgoCD Tutorial - kzbin.info/www/bejne/sHjRlZqafMZkisU

@neetpbg4 3 жыл бұрын

Holy moly, that's a lot of excellent info. Great tutorial, nice pace too! Thanks!!

@AntonPutra 3 жыл бұрын

Very welcome!

@jordanbourcier2424 Жыл бұрын

Great video Anton!

@AntonPutra Жыл бұрын

Thanks Jordan, I think it's too complicated wanna make a new one without sso.

@nvtrinh2001 2 жыл бұрын

Thank you so much for the tutorial. I've learned a lot about some of AWS services and networking concepts as well .

@AntonPutra 2 жыл бұрын

Thanks Trình!

@jamzey7568 3 жыл бұрын

As always awesome tutorial!

@AntonPutra 3 жыл бұрын

Thanks again! :)

@rritsoftwaresolutions9566 3 жыл бұрын

yours video is usefully understand way , thankq sir

@AntonPutra 3 жыл бұрын

Thank you:)

@George-mk7lp Жыл бұрын

1. do you have a script for OpenVPN on AWS with terraform? 2. is it possible to run OpenVPN on Kubernetes? is it recommended if not why? Would love to hear your opinion Thanks for the great content

@AntonPutra Жыл бұрын

Unfortunately I don't have a script, but the idea of deploying it in k8s is interesting. I'll explore it and maybe create a tutorial.

@michaelvoznyanski6815 4 ай бұрын

I am currently setting up a VPN endpoint for access to private resources, so thanks a lot. Am I right that the actions described in the first half of the video are basically the ones AWS does for us when using VPC endpoints?

@AntonPutra 4 ай бұрын

I'm not sure about the VPC endpoint, but you can use the new AWS VPC client managed service that wasn't available when I was recording this video. You may still prefer your own OpenVPN deployments because it's much cheaper but requires knowledge of how to set up and maintance.

@michaelvoznyanski6815 4 ай бұрын

@@AntonPutra why not simply use bastion host ec2 and ssh tunnelling?

@AntonPutra 4 ай бұрын

@@michaelvoznyanski6815 One major use case for a client VPN is the ability to use private DNS. For example, you can create a private Route 53 hosted zone "example.pvt" and expose some internal dashboards, maybe using Kubernetes ingress like "grafana.example.pvt." In that way, only your team members will be able to access internal services, keeping them secure without exposing them to the internet. There are other use cases as well.

@danieltelecentr 3 жыл бұрын

Hi Anton I want to say than youuuuuuuuuuuuuuuuuuuuuuuuu!!! your tutorial is awesomeee!!! I have one question, at the step generete a certificate that you said that you don't set a passphrase to make it automatic, but you said it's dangerous, It's there any other option that would be less dangerous? Thank you in advance

@AntonPutra 3 жыл бұрын

Thank you Daniel! Well, the most conservative option, when you create your CA, always keep it offline and use only intermediate to sign certs:) At least restrict access to that machine and use a passphrase would be sufficient.

@danieltelecentr 3 жыл бұрын

@@AntonPutrathank you a lot, as soon as I get the salary I'll contribute with your channel!!

@AntonPutra 3 жыл бұрын

@@danieltelecentrThank you :)

@thecuratedfeed Жыл бұрын

I have done the setup, But I'm not able to connect to vpn

@danieltelecentr 3 жыл бұрын

Hi Anton, if I had to allow instances to differents tcp ports I must change the inbound rules? to for example see an app at port 4200 I chancge in the server security group inbound rules?

@AntonPutra 3 жыл бұрын

For example, you have an app deployed on EC2 instance that only has private ip address and you want to access it locally from your development host. You would need to create anther entry in app's EC2 security group to allow por 4200 and specify source as your OpenVPN security group.

@danieltelecentr 3 жыл бұрын

@@AntonPutra thanks a lot!!!

@noname8881 Жыл бұрын

how to connect this openvpn server to another's vpc in different regions?

@AntonPutra Жыл бұрын

If you have VPC peering, you can just update /etc/openvpn/server.conf and push new routes or if not you need to deploy another openvpn instance

@hblackfox4407 2 жыл бұрын

What should I do if I want to make it Site-Site. The machine that are in openvpnserver subnet can connect to the client?

@AntonPutra 2 жыл бұрын

for site to site i would suggest to use aws vpn managed service. have you tried it?

@hblackfox4407 2 жыл бұрын

Yes I already tried it. It worked, but I want to use the opensource OVPN for my project.

@lovelykhare 2 жыл бұрын

I'm facing one issue "TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) " can you please help me on that

@AntonPutra 2 жыл бұрын

check firewall, issue with connection

@rritsoftwaresolutions9566 3 жыл бұрын

please shere the all aws and devopps , videos .

@AntonPutra 3 жыл бұрын

will do :)