Networking & Content Delivery
Tag: VPN
Simulating Site-to-Site VPN customer gateways using strongSwan part 2: Certificate-based authentication
Do you need to either demonstrate or learn more about using certificate-based authentication with AWS Site-to-Site VPN capabilities? In part 1 of this series, we showed how to use an AWS CloudFormation template to deploy the open source strongSwan VPN solution to implement the on-premises side of an AWS Site-to-Site VPN connection. The open source […]
Enforcing VPN access policies with AWS Client VPN connection handler
Overview AWS Client VPN, launched in 2018, enables you to use your OpenVPN-based clients to securely access your AWS and on-premises networks from anywhere. With recent updates, you can also enforce additional security policies on connections to a Client VPN endpoint by configuring a client connect handler (referred to as the “handler” in this post). […]
Simulating Site-to-Site VPN Customer Gateways Using strongSwan
Have you ever needed to demonstrate or gain hands-on experience with AWS site-to-site VPN capabilities, but didn’t know how to easily implement the on-premises side of a VPN connection? This post shows how to use an AWS CloudFormation template to easily deploy the open source strongSwan VPN solution to simulate an on-premises customer gateway in […]
Building a global network using AWS Transit Gateway Inter-Region peering
Global companies have historically dedicated considerable financial and engineering resources to building wide-area-networks (WANs) so people in different geographies could stay connected and operate as a single entity. Those WANs are typically implemented using Carrier Ethernet (CE) services delivered by leading telecommunications providers, commonly referred to as MPLS services. In recent years, the IT “center […]
Authenticate AWS Client VPN users with SAML
Introduction Authenticating users to applications and services on the web and at scale can be challenging. Having a separate set of credentials for each application is not an efficient approach. It is difficult to manage for IT departments and doesn’t provide a good experience for users. A common way to solve this challenge is to use […]
Using AWS Client VPN to scale your work from home capacity
Traditional on-premises VPN services are fixed in capacity and difficult to scale up, or down, in a rapid and on-demand fashion. Hardware constraints, licensing, and bandwidth can all be factors that prevent traditional client VPN services from scaling to meet the needs of a rapidly growing mobile workforce. Fortunately, the elasticity of cloud and pay-as-you-go […]
Using Microsoft Active Directory MFA with AWS Client VPN
You can now enable multi-factor authentication (MFA) for users connecting to an AWS Client VPN endpoint. This solution is ideal for organizations that want additional security when remote users are accessing AWS or on-premises resources. MFA improves the authentication process by requiring more than a user name, password, and certificate (the first factor). MFA requires […]
Introducing AWS Client VPN to Securely Access AWS and On-Premises Resources
Update March 17, 2020 – With recent events, the need to provide a remote workforce with secured connectivity is greater than ever. It comes as no surprise that this post (originally published on December 19, 2018) is receiving a lot of traffic. The content is still relevant today, so we’re publishing it again to make it […]
Scaling VPN throughput using AWS Transit Gateway
A virtual private network (VPN) is one of the most common ways that customers connect securely to the AWS Cloud from on-premises or data center environments. Customers establish VPN connectivity to AWS using AWS managed VPN solutions like AWS Site-to-Site VPN, transit gateways, or partner solutions running on Amazon EC2. In this post, we demonstrate […]