AWS VPC VPN and a CentOS Endpoint
I didn't find much concrete information on terminating an AWS VPN on a CentOS 6 box, so I figured I'd write it up here, for my own reference as well as others'.
There isn't an option to download a config for CentOS once you have set up your VPN on AWS, so I just grabbed the Fortinet config. It shouldn't really matter, as it's only a few details we are interested in (the two gateway addresses, the two subnets and the pre-shared key).
Here is my AWS IPsec config which I use on my CentOS box. All you should need to change is the IP addressing. It is an Openswan conn section (Openswan is what CentOS 6 ships), so it can go in /etc/ipsec.conf or in its own file under /etc/ipsec.d/, which the stock ipsec.conf includes via include /etc/ipsec.d/*.conf.
    conn aws
        authby=secret                              # <---- PSK, looked up in the secrets file
        left=%defaultroute
        leftid=MY PUBLIC IP                        # <---- the customer gateway address you gave AWS
        leftsubnet=MY LOCAL INTERNAL NETWORK /24   # <----Internal subnet
        right=AWS IP                               # <----AWS Ext VPC Gateway
        rightsubnet=AWS INTERNAL RANGE /24         # <----AWS Internal Subnet
        auto=start
Now we just need to create the secrets file which will hold the PSK.
Create it as /etc/ipsec.d/aws.secrets (the stock /etc/ipsec.secrets on CentOS 6 includes /etc/ipsec.d/*.secrets, so the .secrets extension matters, otherwise pluto never reads it) containing a single line with the details in this order:
    AWS PUBLIC IP  MY PUBLIC IP : PSK "PSK pre shared key from AWS VPN config file"
That is: the two peer addresses, a colon, the keyword PSK, and the key in double quotes copied from the AWS VPN config file. Openswan selects the secret by the pair of addresses, so they must be the same values as leftid and right in the conn above (the order of the two does not matter). The key sits in the file in the clear, so make it root-owned and mode 0600 (chmod 600 /etc/ipsec.d/aws.secrets).
That should be it. Restart the IPsec daemon (service ipsec restart) and it should connect; ipsec auto --status should report the IPsec SA established for conn aws, and if it doesn't, the IKE negotiation is logged via syslog in /var/log/secure. Remember to add the route for your internal network on the AWS side: an entry for your local /24 in the VPC route table with the virtual private gateway as target (or enable route propagation on that table), and check that the security groups and network ACLs actually allow the traffic, otherwise the tunnel comes up but nothing passes. Note that the AWS config file lists two tunnel endpoints; the conn above only brings up the first one, so add a second conn with the other AWS IP and its PSK if you want the redundancy AWS provides.
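To tie the steps above together, here is an added shell example (not from the original post) that writes the two Openswan files for one AWS tunnel from the four addresses and the PSK: the conn goes in aws.conf, the PSK line in aws.secrets, and the secrets file is created with a restrictive umask and chmod 600. It writes into the directory given as its first argument rather than straight into /etc/ipsec.d so it can be dry-run unprivileged; the addresses used in the usage line are constructed documentation-range values. The proposal settings (AES-128, SHA-1, DH group 2, 8h/1h lifetimes) are what AWS documents for its VPN gateways; the DPD timers, the `aws` conn name and the function names are this example's own choices.

```shell
#!/bin/sh
# Added example: generate /etc/ipsec.d/aws.conf and /etc/ipsec.d/aws.secrets
# (Openswan format) for one AWS VPN tunnel, with input checks and a locked
# down secrets file. OUTDIR is a parameter so this can be tried in a temp dir.

# is_ipv4 ADDR: succeed if ADDR is a dotted-quad IPv4 address
is_ipv4() {
    echo "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$' || return 1
    for oct in $(echo "$1" | tr '.' ' '); do
        [ "$oct" -le 255 ] || return 1
    done
}

# is_cidr NET: succeed if NET is a.b.c.d/nn with 0 <= nn <= 32
is_cidr() {
    case "$1" in */*) ;; *) return 1 ;; esac
    plen=${1#*/}
    case "$plen" in '' | *[!0-9]*) return 1 ;; esac
    is_ipv4 "${1%/*}" && [ "$plen" -le 32 ]
}

# gen_aws_ipsec OUTDIR MY_PUBLIC_IP MY_SUBNET AWS_GW_IP AWS_SUBNET PSK
gen_aws_ipsec() {
    outdir=$1 my_ip=$2 my_net=$3 aws_ip=$4 aws_net=$5 psk=$6
    is_ipv4 "$my_ip"   || { echo "bad local public IP: $my_ip" >&2; return 1; }
    is_cidr "$my_net"  || { echo "bad local subnet: $my_net" >&2; return 1; }
    is_ipv4 "$aws_ip"  || { echo "bad AWS gateway IP: $aws_ip" >&2; return 1; }
    is_cidr "$aws_net" || { echo "bad AWS subnet: $aws_net" >&2; return 1; }
    case "$psk" in
        '' | *\"*) echo "PSK must be non-empty and contain no double quote" >&2; return 1 ;;
    esac
    [ -d "$outdir" ] || { echo "no such directory: $outdir" >&2; return 1; }

    # Phase 1/2 proposals match what AWS publishes for its VPN gateways;
    # DPD values are this example's choice so a dead peer gets renegotiated.
    cat > "$outdir/aws.conf" <<EOF
conn aws
    type=tunnel
    authby=secret
    keyexchange=ike
    left=%defaultroute
    leftid=$my_ip
    leftsubnet=$my_net
    right=$aws_ip
    rightsubnet=$aws_net
    ike=aes128-sha1;modp1024
    phase2alg=aes128-sha1;modp1024
    pfs=yes
    ikelifetime=8h
    salifetime=1h
    dpddelay=10
    dpdtimeout=30
    dpdaction=restart
    auto=start
EOF

    # The secret is selected by the pair of peer addresses, so both must match
    # leftid/right above; the key is quoted so it is taken literally. umask 077
    # in a subshell means the file is never world-readable, even before chmod.
    ( umask 077; printf '%s %s : PSK "%s"\n' "$aws_ip" "$my_ip" "$psk" > "$outdir/aws.secrets" )
    chmod 600 "$outdir/aws.secrets"
}

# Usage (constructed sample addresses):
#   sh gen-aws-ipsec.sh /etc/ipsec.d 203.0.113.10 10.1.0.0/24 198.51.100.5 172.31.0.0/24 'PSK-from-AWS'
if [ "$#" -eq 6 ]; then
    gen_aws_ipsec "$@" && echo "wrote $1/aws.conf and $1/aws.secrets"
fi
```

After running it against /etc/ipsec.d as root, service ipsec restart picks both files up through the stock include lines; for the second AWS tunnel, run it again into a scratch directory with the other gateway address and PSK and rename the outputs, since both conns cannot share the name aws.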
Using the details from here and also from the config file you get from AWS, it should be fairly simple to configure this on your pfSense box too. I'll look at doing that on the weekend and write it up.