Amazon VPC and using OpenVPN

Tags: amazon-ec2, amazon-web-services

I'm not interested in having all of my EC2 instances have a public IP on their network interface. I want to have full control over which boxes can speak directly to the Internet and which can be reached directly from the Internet. In a typical, very basic setup, you'd have a firewall on your DMZ with something like OpenVPN running on it so clients can get on your "internal" network and work with machines on your private LAN (RFC1918 IP space). My question is, it looks like Amazon VPC currently only caters to IPSec hardware VPN solutions. Is there any way I can set up Amazon VPC and use a software VPN so my colleagues and I can log in to our cluster of EC2 servers behind a VPN? I don't want to have to slap public IP addresses on any of the machines. The load balancer will eventually be on the DMZ and speak to the boxes behind the VPN/firewall. What's the best way of doing this on Amazon VPC?

Best Answer

VPC is exactly what you want. You can create a VPC with a public subnet and a private subnet and put the OpenVPN server on the public subnet. There are OpenVPN AMIs already set up to do this. See http://www.openvpn.net/index.php?option=com_content&id=493 and http://www.openvpn.net/index.php/access-server/docs/admin-guides/499-openvpn-access-server-ami.html
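As an added illustration (not part of the answer above or of OpenVPN's own tooling), the following Python script encodes the public/private split the answer describes and audits a VPC description for it: only the OpenVPN host may sit in the public subnet, hold a public IP, and accept traffic from the Internet (UDP 1194 only); every other instance must be in a subnet without a default route to an Internet gateway and must not have any security-group rule open to the world. All ids, CIDRs, and the record layout are constructed for the example; a real run would populate the dictionaries from `aws ec2 describe-route-tables`, `describe-security-groups`, and `describe-instances`.

```python
"""Audit a VPC design for the public-subnet-VPN / private-subnet-hosts split."""

# Constructed sample data (made-up ids), trimmed to the fields the check needs.
INTERNET_GATEWAY = "igw-0example"

SUBNETS = {
    "subnet-public":  {"cidr": "10.0.0.0/24", "route_table": "rtb-public"},
    "subnet-private": {"cidr": "10.0.1.0/24", "route_table": "rtb-private"},
}

ROUTE_TABLES = {
    # The public subnet has a default route to the Internet gateway.
    "rtb-public":  [{"dest": "10.0.0.0/16", "target": "local"},
                    {"dest": "0.0.0.0/0", "target": INTERNET_GATEWAY}],
    # The private subnet has no default route at all (add a NAT route if the
    # hosts need outbound access; that still keeps them unreachable inbound).
    "rtb-private": [{"dest": "10.0.0.0/16", "target": "local"}],
}

SECURITY_GROUPS = {
    # Only the VPN endpoint is open to the Internet, and only on UDP 1194.
    "sg-openvpn": {"ingress": [
        {"proto": "udp", "from": 1194, "to": 1194, "source": "0.0.0.0/0"}]},
    # Private hosts accept traffic only from members of the VPN group.
    "sg-app": {"ingress": [
        {"proto": "tcp", "from": 22, "to": 22, "source": "sg-openvpn"},
        {"proto": "tcp", "from": 8080, "to": 8080, "source": "sg-openvpn"}]},
}

INSTANCES = [
    {"id": "i-vpn",  "subnet": "subnet-public",  "sgs": ["sg-openvpn"], "public_ip": "203.0.113.10"},
    {"id": "i-app1", "subnet": "subnet-private", "sgs": ["sg-app"],     "public_ip": None},
    {"id": "i-app2", "subnet": "subnet-private", "sgs": ["sg-app"],     "public_ip": None},
]


def subnet_is_public(subnet_id, subnets=SUBNETS, route_tables=ROUTE_TABLES):
    """A subnet is public iff its route table sends 0.0.0.0/0 to an Internet gateway."""
    routes = route_tables[subnets[subnet_id]["route_table"]]
    return any(r["dest"] == "0.0.0.0/0" and r["target"].startswith("igw-") for r in routes)


def open_to_world(sg_id, sgs=SECURITY_GROUPS):
    """Return the ingress rules of a security group whose source is the whole Internet."""
    return [r for r in sgs[sg_id]["ingress"] if r["source"] in ("0.0.0.0/0", "::/0")]


def audit(instances=INSTANCES, subnets=SUBNETS, route_tables=ROUTE_TABLES,
          sgs=SECURITY_GROUPS, vpn_instance="i-vpn", vpn_proto="udp", vpn_port=1194):
    """Return a list of findings; an empty list means the design matches the intent."""
    findings = []
    for inst in instances:
        iid = inst["id"]
        public_subnet = subnet_is_public(inst["subnet"], subnets, route_tables)
        if iid == vpn_instance:
            # The VPN endpoint must be reachable, but only on the VPN port.
            if not public_subnet or inst["public_ip"] is None:
                findings.append(f"{iid}: VPN endpoint needs a public subnet and a public IP")
            for sg in inst["sgs"]:
                for r in open_to_world(sg, sgs):
                    if (r["proto"], r["from"], r["to"]) != (vpn_proto, vpn_port, vpn_port):
                        findings.append(f"{iid}/{sg}: {r['proto']}/{r['from']}-{r['to']} "
                                        "exposed to the Internet")
            continue
        # Every other host: no direct Internet reachability at all.
        if public_subnet:
            findings.append(f"{iid}: subnet {inst['subnet']} routes to an Internet gateway")
        if inst["public_ip"] is not None:
            findings.append(f"{iid}: has public IP {inst['public_ip']}")
        for sg in inst["sgs"]:
            for r in open_to_world(sg, sgs):
                findings.append(f"{iid}/{sg}: {r['proto']}/{r['from']}-{r['to']} open to the world")
    return findings


def misrouted_private_tables(route_tables=ROUTE_TABLES):
    """Constructed misconfiguration: the private route table gets the public default route."""
    return {"rtb-public": route_tables["rtb-public"], "rtb-private": route_tables["rtb-public"]}


if __name__ == "__main__":
    print("intended design:", audit() or "OK")
    print("private table with IGW route:", audit(route_tables=misrouted_private_tables()))
```

The two checks that matter most are `subnet_is_public` (a subnet is only "private" because its route table lacks an IGW default route, not because of its CIDR) and `open_to_world` (a private subnet does not protect a host whose security group admits 0.0.0.0/0 once a route appears); the audit flags either slip for every instance except the VPN endpoint.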