This is a Docker implementation of the original AWS VPN client PoC with OpenVPN using SAML authentication. The goal is to have an easy-to-consume Linux client.
See the original blog post for the implementation details.
- openvpn-v2.4.9-aws.patch - patch required to build AWS compatible OpenVPN v2.4.9, based on the AWS source code (thanks to @heprotecbuthealsoattac for the link).
- openvpn-v2.5.1-aws.patch - patch for OpenVPN v2.5.1, based on the AWS source code (thanks to @heprotecbuthealsoattac for the link).
- server.go - Go server that listens on http://127.0.0.1:35001 and saves the SAML POST data to a file.
- entrypoint.sh - bash wrapper to run OpenVPN. It runs OpenVPN a first time to get the SAML redirect and open the browser, and a second time with the actual SAML response.
- Dockerfile - for building the docker image.
- docker-compose.yml - for running the image properly.
- Place the AWS configuration file in the same folder as docker-compose.yml, naming it vpn.conf.
- Execute start.sh. The SAML login page will open in your browser, and the tab should close when the authentication process is complete.
- Place the AWS configuration files in the same folder as docker-compose.yml, with unique names (e.g. company.conf, client-one.conf, client-two.conf). Pro-tip: symlink one as vpn.conf to be your default VPN.
- Execute start.sh vpn-name (e.g. start.sh client-two). If you omit the VPN name, the config named vpn.conf will be used (see the Pro-tip above).