OpenVPN – Is it possible to connect OpenVPN and an AWS Transit Gateway?

amazon-web-services gateway openvpn

I have set up a Transit Gateway and a Site-to-Site VPN connection from our on-prem to our AWS accounts. It is working like a charm.

We have remote users working at home who need a remote connection to our infrastructure. So I set up an OpenVPN Server in one account and an OpenVPN Client in the others, plus the roaming users.

Now I was wondering if it was possible to use the OpenVPN Server with the Transit Gateway. This is to avoid having an OpenVPN Client in each account.

Update

There is one account (infra) which is only set up to host a Site-to-Site VPN from AWS to on-prem and a Transit Gateway (automatic sharing is activated). In this account, the VPC is already linked to the Transit Gateway, so maybe it's already like a "shared" account/VPC.

Update 2

The OpenVPN server is in a VPC, in the same account as the transit gateway.
I:
– added a transit gateway route 10.0.9.0/24 -> VPC
– added the other account's CIDR to the TGW route table
– added a VPC route 10.0.9.0/24 -> OpenVPN ENI
– added a route in the second account 10.0.9.0/24 -> TGW

Am I missing something? It's not working.

Best Answer

I now have it working. I use Pritunl rather than pure OpenVPN.

  • My VPN server has a single NAT route to 0.0.0.0/0
  • VPC1 (172.31.0.0/16) - Transit gateway and my VPN server
  • VPC2 (172.42.0.0/16) - Another VPC attached to the transit gateway
  • Both VPCs are already attached to the TG

In each VPC add a route in your subnet route tables for the other VPC CIDR address to the TG.
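The route plumbing in the question's Update 2 and in the answer above is easy to get wrong in one direction only, and the symptom ("it's not working") says nothing about which hop lacks a route. The following is an added example, not code from either poster, that models the three route tables involved (the VPC1 subnet table, the transit gateway table, the VPC2 subnet table) as longest-prefix-match lookups and traces both the forward packet and the reply. It uses the answer's CIDRs (172.31.0.0/16, 172.42.0.0/16) and the question's 10.0.9.0/24 client pool; the attachment names, the `openvpn-eni` target and the VPN server address 172.31.10.5 are hypothetical labels, not AWS identifiers. The `UPDATE2` table set contains exactly the routes the question lists, which notably includes no VPC1 route sending VPC2's CIDR to the TGW; the `ANSWER` table set is the accepted answer's design, where the VPN server NATs its clients so VPC2 only ever has to route back to VPC1 addresses.

```python
import ipaddress

# Constructed topology. CIDRs follow the accepted answer (VPC1, VPC2) and the
# question's Update 2 (the 10.0.9.0/24 client pool). Attachment and target
# names are hypothetical labels, not real AWS identifiers.
VPC1 = "172.31.0.0/16"          # transit gateway attachment + OpenVPN server
VPC2 = "172.42.0.0/16"          # second account, also attached to the TGW
CLIENTS = "10.0.9.0/24"         # OpenVPN client address pool
VPN_SERVER_IP = "172.31.10.5"   # hypothetical VPN server address in VPC1

# Where a next-hop target leads. "local" delivers inside that VPC, "tgw" hands
# the packet to the transit gateway route table, "att-vpcN" hands it to VPC N's
# subnet route table, and "openvpn-eni" delivers it to the VPN server, which
# forwards it to the client over the tunnel.
NEXT_TABLE = {"tgw": "tgw", "att-vpc1": "vpc1", "att-vpc2": "vpc2"}


def lookup(table, dst):
    """Longest-prefix match over [(cidr, target), ...], as AWS route tables do."""
    ip = ipaddress.ip_address(dst)
    best = None
    for cidr, target in table:
        net = ipaddress.ip_network(cidr)
        if ip in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, target)
    return best[1] if best else None


def trace(tables, start, dst, max_hops=8):
    """Walk a packet from route table `start` toward `dst`.
    Returns (delivered, [(table, target), ...])."""
    hops = []
    table = start
    for _ in range(max_hops):
        target = lookup(tables[table], dst)
        hops.append((table, target))
        if target is None:
            return False, hops          # black hole: no matching route
        if target in ("local", "openvpn-eni"):
            return True, hops           # delivered to an endpoint
        table = NEXT_TABLE.get(target)
        if table is None:               # igw, nat, etc. never reach a VPC host
            return False, hops
    return False, hops                  # routing loop


def round_trip_ok(tables, client_ip, server_ip, nat=False):
    """Forward: the VPN server in VPC1 forwards a client packet to `server_ip`.
    Return: the VPC2 host replies to the client's tunnel address, or to the VPN
    server's VPC1 address when the server NATs (the accepted answer's setup)."""
    fwd_ok, _ = trace(tables, "vpc1", server_ip)
    reply_to = VPN_SERVER_IP if nat else client_ip
    ret_ok, _ = trace(tables, "vpc2", reply_to)
    return fwd_ok and ret_ok


# 1) Routes exactly as listed in Update 2: TGW knows 10.0.9.0/24 -> VPC1 and
#    VPC2's CIDR; VPC1 sends 10.0.9.0/24 to the OpenVPN ENI; VPC2 sends
#    10.0.9.0/24 to the TGW. Nothing in VPC1 points VPC2's CIDR at the TGW.
UPDATE2 = {
    "vpc1": [(VPC1, "local"), (CLIENTS, "openvpn-eni")],
    "tgw":  [(CLIENTS, "att-vpc1"), (VPC2, "att-vpc2")],
    "vpc2": [(VPC2, "local"), (CLIENTS, "tgw")],
}

# 2) The accepted answer: each VPC routes the other VPC's CIDR to the TGW and
#    the VPN server NATs its clients, so VPC2 only ever sees VPC1 addresses.
ANSWER = {
    "vpc1": [(VPC1, "local"), (VPC2, "tgw"), ("0.0.0.0/0", "igw")],
    "tgw":  [(VPC1, "att-vpc1"), (VPC2, "att-vpc2")],
    "vpc2": [(VPC2, "local"), (VPC1, "tgw")],
}


def with_vpc1_route_to_vpc2(tables):
    """Update 2 plus the one VPC1 route it does not list: VPC2's CIDR -> TGW."""
    fixed = {k: list(v) for k, v in tables.items()}
    fixed["vpc1"].append((VPC2, "tgw"))
    return fixed


if __name__ == "__main__":
    cases = [("update2", UPDATE2, False),
             ("update2 + vpc1 route", with_vpc1_route_to_vpc2(UPDATE2), False),
             ("answer (NAT)", ANSWER, True),
             ("answer without NAT", ANSWER, False)]
    for name, t, nat in cases:
        ok = round_trip_ok(t, "10.0.9.7", "172.42.0.10", nat)
        print(f"{name:22} round trip ok: {ok}")
        print("  forward:", trace(t, "vpc1", "172.42.0.10")[1])
        print("  return: ", trace(t, "vpc2", VPN_SERVER_IP if nat else "10.0.9.7")[1])
```

Running it shows the Update 2 tables failing on the very first hop (the VPN server's own subnet has no route toward 172.42.0.0/16), passing once that VPC1 route is added, and the answer's NAT design passing only because the reply goes to a VPC1 address; the same tables without NAT fail on the return leg because VPC2 has no route for 10.0.9.0/24. Two things the model deliberately leaves out and that a real deployment also needs: the route-to-ENI design in Update 2 requires source/destination checking to be disabled on the OpenVPN server's ENI, and security groups and NACLs in the target VPC still have to admit the source address VPC2 actually sees (the client pool, or the VPN server's address when NATing).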
