Wednesday, October 24, 2012

AWS & VPC - OpenVPN setup with private subnets...

I have finally battled the beast of getting OpenVPN set up on VPC to access both public AND private subnets. There is one thing not mentioned in any of the tutorials I found that is critical.

OpenVPN Access Server hands VPN clients addresses out of its own client subnet; on the build I installed (configured for NAT) that default was 5.5.16.0/20. The VPC router knows nothing about that subnet, so when a host in a private subnet answers a VPN client, the reply follows that subnet's default route (to the NAT instance, or nowhere) instead of going back to the OpenVPN instance. Fix it under VPC -> Route Tables: in the route table associated with each subnet that should reach VPN clients (or in a new table that you then associate with the subnet by its subnet ID), add a route with destination 5.5.16.0/20 and target the OpenVPN instance. The OpenVPN instance must also have its Source/Dest Check disabled, or EC2 drops packets that are not addressed to the instance itself. Now when clients VPN in with OpenVPN, they can contact everyone on both subnets.

Two things to check about the client subnet: it must not overlap your VPC CIDR (the "local" route would win), and 5.5.16.0/20 is not private address space at all (5.0.0.0/8 is publicly allocated), so pick an RFC 1918 range that is free in your network and use it in both the OpenVPN server settings and the VPC route.

Don't forget to allow the traffic in using the security groups as well, both inbound and outbound, such as ICMP ping, so you can test communications properly (and whatever services you need). If client traffic reaches your hosts with the VPN client's address as its source (which is the case whenever the route above is needed), the inbound rules must permit that client CIDR (5.5.16.0/20 here), not just the OpenVPN instance's security group.

Helpful links:

Using from Linux: http://openvpn.net/index.php/access-server/docs/admin-guides/182-how-to-connect-to-access-server-with-linux-clients.html

Video tutorial (great, except the route part is missing): http://dbsgkhvbz3k7m.cloudfront.net/AmazonVPC/AmazonVPC.html

Happy routing!
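The routing decision described above, as an added example that is not part of the original post: a small Python model of the VPC route lookup (longest prefix match), the two client-subnet checks, the source/dest-check requirement on the OpenVPN instance, and the inbound security-group rule a private host needs. The VPC layout, instance and gateway ids are constructed for the example and are not real AWS resources.

```python
"""
Added example (not from the original post): model why a VPC route for the
OpenVPN client subnet is needed, check the client subnet, and check the
security group rule on a private host.  All ids and CIDRs are constructed.
"""
import ipaddress

VPC_CIDR = "10.0.0.0/16"
VPN_CLIENT_CIDR = "5.5.16.0/20"   # the older Access Server default named in the post
OPENVPN_INSTANCE = "i-0openvpn"   # hypothetical instance id
NAT_INSTANCE = "i-0nat"           # hypothetical instance id
IGW = "igw-0example"              # hypothetical internet gateway id

RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def check_client_cidr(client_cidr, vpc_cidr):
    """Problems with a candidate VPN client subnet (empty list means OK)."""
    client = ipaddress.ip_network(client_cidr)
    vpc = ipaddress.ip_network(vpc_cidr)
    problems = []
    if client.overlaps(vpc):
        problems.append("overlaps VPC CIDR: the 'local' route would capture client traffic")
    if not any(client.subnet_of(r) for r in RFC1918):
        problems.append("not RFC 1918 space: clients would shadow real Internet addresses")
    return problems


def lookup(route_table, dst_ip):
    """Longest-prefix match over [(cidr, target), ...], as the VPC router does it."""
    dst = ipaddress.ip_address(dst_ip)
    best = None
    for cidr, target in route_table:
        net = ipaddress.ip_network(cidr)
        if dst in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, target)
    return best[1] if best else None


def with_client_route(route_table, client_cidr, openvpn_instance):
    """Copy of a route table with the route the post says is missing."""
    return route_table + [(client_cidr, openvpn_instance)]


def reply_path(route_table, client_ip, openvpn_instance, source_dest_check):
    """Where a private host's reply to a VPN client ends up.

    The route alone is not enough: with Source/Dest Check still enabled, EC2
    drops packets handed to the instance that are not addressed to it.
    """
    target = lookup(route_table, client_ip)
    if target != openvpn_instance:
        return f"misrouted to {target}"
    if source_dest_check:
        return "routed to OpenVPN instance but dropped by source/dest check"
    return "delivered to OpenVPN instance"


def sg_permits(inbound_rules, src_ip, proto, port=None):
    """Does a new inbound flow match any rule?  rules: (proto, from, to, cidr).

    Security groups are stateful, so replies need no outbound rule; what
    matters is that the *source* the host sees (the VPN client) is allowed.
    """
    src = ipaddress.ip_address(src_ip)
    for rule_proto, port_from, port_to, cidr in inbound_rules:
        if rule_proto != proto or src not in ipaddress.ip_network(cidr):
            continue
        if proto == "icmp" or (port is not None and port_from <= port <= port_to):
            return True
    return False


# Constructed route tables: the private subnet's default route is a NAT instance.
PUBLIC_RT = [(VPC_CIDR, "local"), ("0.0.0.0/0", IGW)]
PRIVATE_RT = [(VPC_CIDR, "local"), ("0.0.0.0/0", NAT_INSTANCE)]

# Inbound rules on a private host for routed VPN traffic: the source the host
# sees is the client address, so the rules name the client CIDR.
PRIVATE_HOST_SG = [("icmp", -1, -1, VPN_CLIENT_CIDR), ("tcp", 22, 22, VPN_CLIENT_CIDR)]

if __name__ == "__main__":
    print("client subnet problems:", check_client_cidr(VPN_CLIENT_CIDR, VPC_CIDR))
    for name, rt in (("public", PUBLIC_RT), ("private", PRIVATE_RT)):
        print(name, "before:", reply_path(rt, "5.5.16.10", OPENVPN_INSTANCE, True))
        fixed = with_client_route(rt, VPN_CLIENT_CIDR, OPENVPN_INSTANCE)
        print(name, "after: ", reply_path(fixed, "5.5.16.10", OPENVPN_INSTANCE, False))
    print("ssh from VPN client allowed:", sg_permits(PRIVATE_HOST_SG, "5.5.16.10", "tcp", 22))
```

Run as-is, the private route table sends the reply to 5.5.16.10 to the NAT instance until the 5.5.16.0/20 route is added and Source/Dest Check is turned off, and the subnet check flags 5.5.16.0/20 as non-RFC 1918 while accepting a range such as 172.27.224.0/20. With today's AWS CLI the real-world equivalents of the two fixes are `aws ec2 create-route --route-table-id <rtb> --destination-cidr-block 5.5.16.0/20 --instance-id <openvpn instance>` and `aws ec2 modify-instance-attribute --instance-id <openvpn instance> --no-source-dest-check`.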

3 comments:

Matthew Barlocker said...

I found it a little easier when I was configuring OpenVPN to work with VPC. Perhaps this will help anyone else.

Rudi said...

I'm having a similar issue, but what?

VPC-> route tables -> new -> destination -> 5.5.16.0/20 -> associate (enter your subnet ID)

That doesn't make any sense to me.

Dung Nguyen said...

VPC-> route tables -> new -> destination -> 5.5.16.0/20 -> associate (enter your subnet ID)

And what is the target for the route?