VPN Connection

shiekkhan asked 3 years ago

Thanks for this great VPC session, but I have a small confusion. Please clarify.

One question I have is why you used both OpenVPN in N. Virginia and the Client VPN endpoint for connectivity from Mumbai.

1. The user connected to the Mumbai VPN because the Client VPN endpoint is set up in Mumbai, which makes sense.
2. The user is able to reach N. Virginia as the peering connection is enabled between the VPCs, which also makes sense.
3. What OpenVPN is doing there in N. Virginia, I didn't understand.
I got that OpenVPN is a third-party VPN connectivity service. But in this scenario, does the VPN profile/client used on your laptop belong to OpenVPN in NV or to the Client VPN connection in Mumbai?
4. I believe setting up a Transit Gateway will allow the user to access all VPCs as local once the user is inside the AWS network. So if I choose a VPN (SSL VPN) connection, for example Client VPN endpoints in Mumbai, I should be able to reach all the VPC networks once the right routing is in place. Please correct me if I am wrong.

1 Answer
Faizal Khan Staff answered 3 years ago

The reason both were brought up is to show that there are multiple ways you can create and access a VPN connection into AWS. In this case, I had 2 different types of VPN connection in those 2 different regions, but at the end of the day they provide the same functionality, i.e. connecting into AWS privately. The choice is up to you which solution you use, and I must say there are a lot more similar options available apart from the 2 demonstrated options.

The client software used was the OpenVPN client, which is nothing but a generic VPN client and can support multiple types of VPN profiles, not necessarily only OpenVPN profiles, which is why you saw both the “AWS Client VPN Mumbai” and “OpenVPN NV” profiles in the same client. You can use any type of supported client to configure the “AWS Client VPN”.

Yes, you can use a Transit Gateway instead of VPC peering if you have multiple VPCs. Since we were only dealing with 2 VPCs here, it was more straightforward to go with peering.

© 2015 - 2020. All Rights Reserved. Ecomm India Cloud IT LLP