[Using AWS Client VPN with OpenVPN]
1. AWS Client VPN
AWS Client VPN service is available using the OpenVPN service.
AWS Client VPN is a managed client-based VPN service that provides secure access to AWS resources and On-premise network resources.
Client VPN provides access to resources from any location based on OpenVPN.
The AWS Client VPN has two types of users (administrators and clients) that can interact with endpoints.
The administrator is responsible for setting up and configuring services.
This includes creating endpoints, connecting to target networks, configuring authorization rules, and setting up additional routing (if necessary).
After setup and configuration is complete, the administrator downloads the endpoint configuration file and distributes it to clients (users) who need access.
The endpoint configuration file contains the endpoint and certificate information required to set up a VPN session.
The client is the end user. That is, the person who connects to the endpoint and sets up a VPN session.
Clients use OpenVPN-based VPN client applications on local computers or mobile devices to set up VPN sessions.
Once a VPN session is set up, you have secure access to resources within the VPC where the associated subnet is located.
If necessary routing and authorization rules are configured, you can also access other resources within AWS or on-premise networks.
reference link : https://docs.aws.amazon.com/ko_kr/vpn/latest/clientvpn-admin/what-is.html
2. How to use AWS Client VPN
Before you can use AWS Client VPN, you must configure the Client VPN endpoint on the VPC.
You can use the OpenVPN-based client application to connect to the Client VPN endpoint and establish a secure VPN connection.
- Internet access
- Supported Devices
[Step 1] : Install VPN Client Applications
Any OpenVPN-based application allows you to connect to a Client VPN endpoint and establish a VPN connection.
Download and install the OpenVPN client application from the device on which you want to establish a VPN connection.
[Step 2] : Receive Client VPN endpoint configuration file
You must receive the Client VPN endpoint configuration file from the administrator.
The configuration file contains information about the endpoint and the certificate required to establish a VPN connection.
[Step 3] : Connect to VPN
Import the Client VPN endpoint configuration file into the OpenVPN client application and connect to the VPN.
Please refer to the Connect to VPN section for steps to connect to a VPN using a typical OpenVPN client application.
reference link : https://docs.aws.amazon.com/ko_kr/vpn/latest/clientvpn-user/user-getting-started.html
Each time the connection is active, the AWS Site-to-Site VPN connection is charged on a hourly basis.
For AWS Seoul region, the rate is 0.05 USD per hour.
For data transfer charges, the first 1 GB is free, so a 0.09 USD per GB charge is charged for 499 GB.
Please refer to the link below for more information on rates.
reference link : https://aws.amazon.com/ko/vpn/pricing/
This document is based on February 2020.
Please leave a comment if document needs an update.
Bespin Global Cloud Support Team