In this third task, you are going to set up Pritunl VPN and allow access to the private network only through the VPN.
Pritunl VPN - https://pritunl.com/
Pritunl VPN source - https://github.com/pritunl/pritunl
Difficulty Level - Intermediate
Days to complete - 3 days
Architecture
Objectives
Should understand networking concepts in AWS such as VPC, Private & Public Subnet, Internet Gateway, NAT Gateway
Understand basics of VPN and why it is used
Learn how to set up Pritunl VPN on an AWS EC2 instance and attach a domain to it
Learn how to access private resources using the VPN and route only a specific CIDR through it.
AWS Services / Technologies
Networking
VPC, Private & Public Subnet
Pritunl VPN
IG, NAT Gateway
OpenVPN
Route53
High level Tasks
Create a new VPC with 1 public subnet and 1 private subnet
Make sure you attach the proper IG and NAT Gateway in the route tables
Create an EC2 instance in the public subnet and set up the Pritunl VPN server
Configure the VPN to route only the traffic for the VPC's CIDR through the private network
Set up a custom domain in this format - vpn-
.ezyinfra.dev using Route53 (Optional step. Skip it if you don't have the domain). Contact Prasanna to add the DNS records.
Finally, create a profile for testuser and connect to Pritunl VPN using the OpenVPN client.
SSH into the EC2 instance using its private IP address; the connection should be allowed. If you are not connected to the VPN, you should not be allowed to SSH.
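One way to check the split-tunnel routing and the SSH restriction before testing by hand, as an added example that is not part of the original task: it flags SSH sources and VPN routes that fall outside the VPC CIDR. The VPC CIDR, rules and routes are constructed sample values, the rule dictionaries follow the IpPermissions shape returned by EC2 DescribeSecurityGroups, and it assumes VPN client traffic reaches the instance from an address inside the VPC CIDR.

```python
import ipaddress

SSH_PORT = 22
VPC_CIDR = "10.0.0.0/16"                      # constructed sample VPC range
SAMPLE_RULES = [                              # constructed, IpPermissions shape
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "10.0.1.0/24"}]},        # public subnet (VPN server)
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},          # SSH open to the internet
    {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},          # not SSH, ignored
]
SAMPLE_ROUTES = ["10.0.0.0/16", "0.0.0.0/0"]  # constructed VPN server routes

def inside(cidr, vpc):
    """True if cidr is fully contained in the VPC network."""
    net = ipaddress.ip_network(cidr, strict=False)
    return net.version == vpc.version and net.subnet_of(vpc)

def covers_port(perm, port):
    """True if a rule applies to the given TCP port."""
    proto = perm.get("IpProtocol")
    if proto == "-1":                         # "-1" means all protocols and ports
        return True
    if proto != "tcp":
        return False
    return perm.get("FromPort", 0) <= port <= perm.get("ToPort", 65535)

def ssh_sources_outside_vpc(ip_permissions, vpc_cidr):
    """SSH source CIDRs that would allow access without the VPN."""
    vpc = ipaddress.ip_network(vpc_cidr)
    bad = []
    for perm in ip_permissions:
        if not covers_port(perm, SSH_PORT):
            continue
        # Security-group references (UserIdGroupPairs) are not CIDRs; skipped.
        for rng in perm.get("IpRanges", []):
            if not inside(rng["CidrIp"], vpc):
                bad.append(rng["CidrIp"])
    return bad

def vpn_routes_outside_vpc(routes, vpc_cidr):
    """VPN routes that send more than the VPC's traffic through the tunnel."""
    vpc = ipaddress.ip_network(vpc_cidr)
    return [r for r in routes if not inside(r, vpc)]

if __name__ == "__main__":
    print("SSH sources outside VPC:", ssh_sources_outside_vpc(SAMPLE_RULES, VPC_CIDR))
    print("VPN routes outside VPC:", vpn_routes_outside_vpc(SAMPLE_ROUTES, VPC_CIDR))
```

Both lists should be empty for a setup that meets the task; any entry is a rule or route to tighten.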
Reference material
You can use any reference - AI, AWS Docs, YouTube videos. But the objective is that you should be able to complete the task and explain clearly what you did.
Video Solution
Coming Soon