AWS - Establish Site-to-Site VPN Connection | Concept | Demo

  • Published 29 Nov 2024

COMMENTS • 35

  • @arsalananwar8265 1 year ago +1

    This will help a lot of folks! Great explanation, keep making more and more videos.

  • @shishirabhishek4811 5 years ago +1

    Thanks for placing this video, quite clear enough to understand for VPN configuration... I tried the same and it worked like a charm. Thanks again.

  • @TheLablujan 4 years ago +1

    Thanks for the full explanation!

  • @el_patron_de_los_tacos 4 years ago +1

    Man, thanks a lot, you're a sunshine, you explained to me all that I need, God bless you. Best regards from Mexico.

    • @Cloud4DevOps 4 years ago +1

      Appreciate your focus and glad my videos are helping you. Please share among your circle to get more technical minds.

  • @shwetasharma3263 2 years ago +1

    Thanks for the clear explanation. But after doing the hands-on and following all the steps, the AWS Tunnel 1 status is not changing to up. Could you suggest what could be the reasons for the tunnel disconnection? I have tried with PuTTY for Windows.

    • @Cloud4DevOps 2 years ago +1

      When you say 1 status of tunnel is not changing, is it that you are configuring an active-active configuration in your env, or is it just active-passive and in this case none of the tunnels is up? It seems to be a routing issue. Without the actual error it's tough to say; in most cases it's a routing issue.

  • @vinayveerabhadra7280 3 years ago +1

    Once again, thank you

  • @kakmr5 1 year ago

    Hi, I am getting an error while installing Openswan:
    Last metadata expiration check: 1:01:33 ago on Sun Jul 30 18:41:01 2023.
    No match for argument: openswan
    Error: Unable to find a match: openswan

  • @MrSanjibdutta 3 years ago +1

    Just a quick comment: I think you probably missed the last step of showing the connection to the public IP of the private EC2 from your VPN server after SSH into it... Thanks

  • @ayieecorral5711 2 years ago +1

    Hi, I'm struggling with what to use: virtual private gateway or transit gateway? Which one is much cheaper? I have 1 VPC with 1 subnet and 1 EC2 instance. I want my 2 on-premise networks to connect to my VPC via VPN. I already set up my EC2 instance and VPC; it's just this VPN thing I'm struggling with. I badly need some help T_T

    • @ayieecorral5711 2 years ago

      I'm not in a network engineer job T_T

    • @Cloud4DevOps 2 years ago +1

      @ayieecorral5711 Transit gateway is faster and acts as a cloud router, so it's better to use TGW.

    • @ayieecorral5711 2 years ago

      @Cloud4DevOps Hi, so I don't need to set up a VPN site-to-site?

    • @ayieecorral5711 2 years ago +1

      @Cloud4DevOps I mean yeah, TGW is way better than virtual private gateway, but still I'm confused. Sorry man, just a frustrated man haha

    • @Cloud4DevOps 2 years ago +1

      @ayieecorral5711 You still need site-to-site VPN with TGW. It's a straightforward config and concept.

  • @subanana 4 years ago +1

    Nice video thanks

  • @premsoni0143 5 years ago

    Suggestion and question:
    1) You said it's a private connection; isn't it a private tunnel over the public internet? A private tunnel could be if Direct Connect is used.
    2) Why do you need to configure the EC2 public IP on the CGW? What if we have multiple resources? This needs explaining.

    • @Cloud4DevOps 5 years ago +3

      Thanks for the comments. Please find my answers below:
      1) You said it's a private connection; isn't it a private tunnel over the public internet? A private tunnel could be if Direct Connect is used.
      So basically what I said is that we can connect to AWS cloud resources via their private IP addresses from your on-premise network. The VPN tunnel could be established over the open internet to keep traffic communication between the VPC and your on-prem site. I have used an EC2 public IP on the assumed on-premise DC [which is Frankfurt for my video]; I can use a NAT IP, which is always static public in nature, on the CGW side, which is a prerequisite to design a VPN b/w two environments. Again, you can access or do a job like LDAP sync over VPN; it always flows via public NATting, but it's always encrypted by TLS security, so we should be good to use it. AWS Direct Connect always has an advantage over VPN as it provides fast performance like your fiber optics b/w two environments, with higher cost.
      2) Why do you need to configure the EC2 public IP on the CGW? What if we have multiple resources? This needs explaining.
      So basically what I said is that I have created an EC2 in the Frankfurt region and I am treating that as my on-premise DC network. So whenever you create a VPN connection, the static route to use the customer gateway should have an internet-routable IP address to use as the endpoint for the IPsec tunnels connecting your customer gateway to the virtual private gateway. So this can be your EC2 public IP or, if the customer gateway is behind a NAT device, then we can use the public IP address of the NAT device. For demo purposes I have used the EC2 public IP instead of NAT as my internet-routable IP address. Since I don't have any on-premise DC, I created a public server in the Frankfurt region just to replicate the scenario.
      Let me know if the above explanation suffices for your queries.

    • @premsoni0143 5 years ago +1

      @Cloud4DevOps Thanks, it's clear

  • @langdj1 2 years ago

    Thanks!

    • @langdj1 2 years ago +1

      Figuring out all the stuff you need to do in OpenVPN (Cisco ASA if you had one) is the hardest part of doing this process and Shashank spends the extra time to figure that out. Fantastic video!

    • @Cloud4DevOps 2 years ago +1

      Thanks Joe for the feedback!!!

  • @rahulbhattiprolu8489 10 months ago

    The config file looks the same as for strongSwan. So is this OpenVPN or strongSwan?

    • @Cloud4DevOps 10 months ago

      Openswan. To a certain extent, the conceptual funda for all VPNs remains the same.

  • @kakmr5 1 year ago +1

    Hi, I am getting this error: "/etc/ipsec.d/aws-vpn.conf"
    "/etc/ipsec.d/aws-vpn.conf" E212: Can't open file for writing
    Press ENTER or type command to continue
    This is coming while I am editing (vim /etc/ipsec.d/aws-vpn.conf)

  • @passionzhere 4 years ago +1

    Can you plz do this on Palo Altos?

  • @datagiggles692 2 years ago

    Surprisingly enough, the ipsec.d directory is not there.