Multi Region VPN Connection Using Strongswan

Hey everybody, how's it going? My name is Andrew, and this is an AWS tutorial series on multi-region VPN connections using OpenVPN. In this tutorial series I'll walk you through the steps that I use to connect two regions together using OpenVPN. For this tutorial I've already launched two OpenVPN servers, one in US East and one in US West, so make sure you pay attention to which region I'm in; I'll point that out as I go. If you need help launching an OpenVPN server, I have a tutorial that I'll link in the description below.

You can see here that I have an OpenVPN server in US East, which is the one I'm actually connected to now, and an OpenVPN server in US West, which is the one we're going to tunnel into. I've detailed all these steps in my GitHub repository, and the ones I can't really detail there will be in this video.

So the first thing we want to do is log in to our US West server and sudo up. Then we're going to run the commands that I have in my repository: first we do an update, and then we install strongSwan and git. We change directory and clone this repository. Inside the repository I have three configuration files; we're just going to copy these to their respective directories and change the permissions on them as well. If I run ipsec status, you'll see that we don't have any connections up, and what we want is to make sure we get two connections up.

Now we want to go over to US East, go to VPC, and in here go to Customer Gateways and create a customer gateway. We'll give it a name, make sure it's static, and the IP address we're going to use is the IP address of the OpenVPN server in US West, so we'll paste that in there and click Create.

Next we go to Virtual Private Gateways and create a virtual private gateway. We'll give it a name and make sure we attach it to our VPC. Then we go to VPN Connections and create a VPN connection. We'll give it a name and select the virtual private gateway and the customer gateway we've already created. For the routing options we want to select Static, paste in the public IP of the OpenVPN server in US West, and we've got to give it a valid CIDR block. Then we click Create, and this will take a second to create.

Now that our VPN connection has been created, we want to download our configuration file. We select Generic and click Download. We're going to use this configuration file later on; I mean, we're going to use the pre-shared keys that you see here to configure IPSec on our US West server.

So now we hop over to US West and log in to this OpenVPN server, and we're going to edit those configuration files that we copied over. The first one is the ipsec.conf file. In here we edit our right subnet, and the right subnet is going to be the subnet of our US West VPC. I know it sounds a little bit confusing, but if you hop over to your VPC and copy your VPC CIDR block, that's the one you want to paste in there. For the VPN customer gateway, if we go to our VPN connections and into Tunnel Details, we'll see the two tunnels right here. So we copy this IP address, and for customer gateway two we copy the second tunnel. We'll go ahead and save this.

The next thing we need to do is edit ipsec.secrets. We copy tunnel one and just follow the same format as the entries above, and then copy tunnel two, again in the same format. The secret keys are in the text file that we downloaded, so if we open that text file we'll see IPSec tunnel one; we copy this pre-shared key and paste it right in there. We do the same thing for the second tunnel. If we scroll down here, you'll notice that the IP address is the IP of the first tunnel; then we look at tunnel number two, copy that pre-shared key, and paste it in there. You'll notice the same thing here: this IP address is the exact same IP address as the tunnel as well. We'll save that.

Now we run ipsec restart, which restarts IPSec, and then all we need to do is run ipsec status, and we see that we have two established tunnels. If we go back to the VPC dashboard in US East, we'll see that we have a VPN connection up, which means this is working and both tunnels are up.

The next thing we need to do is go to our route tables and edit any route tables that you want to go through the virtual private gateway. What we want is to make sure route propagation is turned on for these, so any time we add static routes to our VPN connection they propagate all the way through to the route tables we have selected here. I have two, so I'm going to edit my public and my private.

Now we go back to VPN Connections and I'm going to jump into my static routes. You can see here in Tunnel Details that I have two tunnels up. In Static Routes I'm basically going to add the CIDR block of the US West VPC. So any time I'm on my US East server, and because I'm connected to the OpenVPN server in US East, if I try to access any private IP address in this CIDR block I go through my virtual private gateway. We'll paste that in there and click Save, and these will already propagate through our route tables since we had propagation turned on.

The one thing I want to stress in this tutorial is that you want to make sure your CIDR blocks are different for the different regions you're connecting. You'll notice that in US East I'm running on the 172.30 network and in US West I'm running on 172.31, and the reason for this is that I don't want to have any IP conflicts internally.

That pretty much concludes our tutorial on connecting two regions together using OpenVPN. If you have any questions, comments or concerns, please leave them in the comment section below, and please remember to like and subscribe. Thank you for watching.
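
Added example (not part of the video or the author's repository): a Python pre-flight check for the point stressed above, that the regions' CIDR blocks must not overlap before they are entered as static routes on the VPN connection. The /16 prefix lengths and all function names are assumptions; the tutorial only names the 172.30 and 172.31 networks.

```python
"""Pre-flight check for static routes on a region-to-region VPN connection.

Constructed example: prefix lengths and function names are assumptions.
"""
import ipaddress


def find_overlaps(vpcs):
    """Return sorted (region_a, region_b) pairs whose CIDR blocks overlap."""
    nets = {name: ipaddress.ip_network(cidr, strict=True) for name, cidr in vpcs.items()}
    names = sorted(nets)
    return [
        (a, b)
        for i, a in enumerate(names)
        for b in names[i + 1:]
        if nets[a].overlaps(nets[b])
    ]


def static_routes_for(local_region, vpcs):
    """CIDR blocks to enter as static routes on local_region's VPN connection.

    Raises ValueError if any two regions overlap: an address in the shared
    range would be ambiguous between the local VPC and the tunnel.
    """
    clashes = find_overlaps(vpcs)
    if clashes:
        raise ValueError(f"overlapping CIDR blocks: {clashes}")
    return sorted(cidr for name, cidr in vpcs.items() if name != local_region)


def route_for(dest_ip, local_region, vpcs):
    """Where a packet sent from local_region goes: 'local', 'vgw' or 'default'."""
    ip = ipaddress.ip_address(dest_ip)
    if ip in ipaddress.ip_network(vpcs[local_region]):
        return "local"
    if any(ip in ipaddress.ip_network(c) for c in static_routes_for(local_region, vpcs)):
        return "vgw"
    return "default"


# Constructed sample input matching the tutorial's two networks.
VPCS = {"us-east": "172.30.0.0/16", "us-west": "172.31.0.0/16"}
# A layout that would break: the us-west /16 sits inside the wider us-east block.
BAD_VPCS = {"us-east": "172.30.0.0/15", "us-west": "172.31.0.0/16"}

if __name__ == "__main__":
    print(static_routes_for("us-east", VPCS))
    print(route_for("172.31.4.10", "us-east", VPCS))
    print(find_overlaps(BAD_VPCS))
```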
