Skip to content

scottpedia/aws-client-vpn-setup

main
Switch branches/tags
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 
img
 
 
 
 
 
 
 
 

AWS Client VPN Setup

AWS VPN logo

This project helps you to quickly set up a working OpenVPN server on AWS, using AWS Client VPN.

Overview

This project helps you deploy a working OpenVPN server by using AWS Client VPN. It is a built-in service of AWS VPC that is typically used by developers to securely connect to resources within the VPC network. But it can also be used to access the public internet, just like any typical VPN service. Deploying a VPN server this way has many advantages over the traditional way of deploying a VPN server on an ec2 instance. For example, the bandwidth is not limited by the networking performance of the instance type.

This project provides a python script that does the deployment automatically. Due to the distinct nature of this deployment method, it is recommended to understand how it works in detail before using the script. To do so, you can read through the manual deployment tutorial here. Also, for more information on how to use the script, see this page.

Comparison with Traditional VM-based Deployment Method

I personally came up with this idea of deploying a VPN server as a workaround of the traditional VM-based solution, in order to better fit my usage scenario. But this deployment method also has its own drawbacks. Below is a clear comparison between the two.

Traditional VM-based Script Deployment(on AWS and similar cloud platforms) AWS Client VPN-based Deployment(this project)
VPN protocol(s)* not limited OpenVPN
Billing Scheme instance uptime + outbound traffic endpoint association time** + connection time per user + outbound traffic
Deployment Time*** minutes depending on the instance type and other factors 15 minutes maximum
Networking Performance solely depending on the instance type used automatically scalable****
Regions all service regions where VM service is available all AWS regions
Free Plan***** 750 hours of free usage of t2.micro per month in the leading 12 months since account creation no free plan eligible
Expand this section to see the notes.

* You can choose whatever protocols of VPN to install on your VM, such as IPSec, Shadowsocks. But when using the Client VPN, your choice is limited to only OpenVPN.

** The "association time" stands for the time when the endpoint is associated with the target subnet, not to be confused with the time when the user's client is connected to the endpoint, which in this case is "connection time per user".

*** To install a VPN server on a EC2-like VM, it takes time for the operating system to process the required software components.(e.g. compilation, certificate generations) Therefore the overall deployment time varies, as more powerful systems perform such tasks faster.

**** According to AWS, the networking performance of Client VPN is elastic, and automatically scales to your demand. In my personal experiences, the bandwidth available when using Client VPN directly depends on that of your home network bandwidth.

***** See this page for more info on AWS Free Plan.

Author and License

Copyright (C) 2020-2022 Scott X. Liang <scott.liang@pm.me>
GPL logo with text
Unless otherwise noted, the work in this repository is licensed under GNU General Public License Version 3.

About

Automation script that helps you create an OpenVPN service using AWS Client VPN Endpoint.

Topics

Resources

License

Stars

Watchers

Forks

Languages