I guess we should add a value in Static IP prefixes at 21:50. On-prem CIDR.
Yes, add the on-prem CIDR (basically VPC CIDR block) to the static IP prefix
I really love how easy and simplified you made it look. I haven't practiced it yet but I feel very confident that I will be able to do it.
I am glad I was able to help! I'm confident you'll be able to do it too :)
I love how simplified this is, thanks a lot ❤️
I'm glad you found this helpful! I'll be posting more labs like this so stay tuned :)
@ngo2go Definitely will, here to stay.💪🏾
Best explanation and example. Thank you so much for this.
Thank you, I'm glad you enjoyed the video!
So, if I follow all the steps in this video, can I run a Site-to-Site VPN and succeed? Because I have a project assignment from the server system administration course, and I have a hard time finding a really clear tutorial. And I finally decided to follow the tutorial from this video. And if I have followed all the steps in this video, have I completed my college project?
Best explanation
Thanks for the amazing video.
Can I download strongswan right on my on-prem device instead of a separate instance like in the video?
Yes, your on-prem device (running on Linux OS for example) can utilize strongswan so you don't need to create a strongswan instance on AWS itself. This can be done to simulate on-prem traffic (perhaps your office or home) to AWS VPC.
Hey, nice video, I am trying to configure the site-to-site VPN and I just want to confirm the CIDR range for the static route on the VPN, it should be the range of the on-premise network, right?
Yep, that's right!
Great tutorial. Any link to the commands?
I don't have a link to the commands since the commands will be on the S2S VPN configuration file. It'll tell you everything you need to know to establish your tunnels. I'll modify the description in the video so it has a sample template. Thanks for watching!
So you don't have to rebuild an EC2 machine to add/remove a public IP. To do this: Go to the EC2 instance > Actions > Networking > Manage IP addresses > Expand the network adapter > Auto assign public IP > Save
That's a neat tip! Thank you for sharing!
How did you figure out the IP is 192.168.0/0/16? 2:05
That is just an example CIDR block that I wanted to use for the video. You could use different private CIDRs if you wanted to, choice is yours :)
Facing error - Failed to start Internet Key Exchange (IKE) Protocol Daemon for IPsec.
It could be a preshared key issue if the keys do not match.
Can I have multiple customer gateways in one S2S VPN Connection?
If my customer has two gateways in one on prem environment, how do I connect both gateways into the same VPN connection?
It would not be possible to configure multiple customer gateways within a single S2S VPN connection. Your customer would need to create 2 S2S VPNs for each gateway.
You forgot to mention adding routing, without it you can't ping. Unless a year ago you didn't have to do that.
Can we use strongswan instead of openswan, as the openswan package is not available anymore?
Yes, you can move onto strongswan. Just be sure to download the correct file when creating the S2S VPN.
Hey man, the video is long. It would be great if you could break down the timeline into sections for easier browsing.
I hear you and will be implementing that in the future :)
What value did you enter for the static route?
For the static route prefixes, I left it as blank
@ngo2go I'm referring to what you alluded to at the end of the video, the static route you didn't show.
Ah, that would be the on-prem IP of 10.0.0.0/16
@ngo2go I did it, and trying to ping it from the server gives me the error "Name or service not known". How could I prove this works?
P.S.: Good video, but it's not worth it if I can't prove it works :(, thank you
I'll need more context to find out the root cause of that issue… but here are some areas you can check: Routing error? (Need to check route table including static route on S2S VPN), security group and NACL rules. Lastly, it could be a configuration issue on the openswan server.
Tks bro but how to test???
ICMP or Ping test will do!
I dislike this video entirely because it lacks any testing at the end. While many videos demonstrate a straightforward setup, none address the crucial aspect of communication between multiple EC2 instances and how they interact using their private IPs.
Thank you for commenting! I've created a new video which has the test at the end of the video. Hope it helps!
ua-cam.com/video/I-aN7JyMugs/v-deo.html&ab_channel=TechNgo