VPN site to non-Linode site
I see a lot of guides on how to set up a VPN from one Linode to another, but I need to connect to a server hosted on AWS. Can someone point me to a resource describing the best way to do this?
Thanks
1 Reply
It sounds like you've already found the VPN section our documentation library where we have guides for setting up several different VPNs including Wireguard and OpenVPN. Those guides are likely going to be the best place to start, even if they don't explicitly cover connecting to other servers. We also have several VPN Marketplace Apps that may streamline this process for you. You may be able to find more specific instructions for a specific VPN after you choose one.
Choosing a VPN
While I can't say which VPN to choose, I've found specific mention of Wireguard being used for site-to-site VPNs, and something called OpenSwan being used with AWS specifically—we don't have a guide for that but it's an IPsec VPN similar to StrongSwan. That said, I haven't found anything specifically stating why you wouldn't be able to the other options we have guides for, though some like OpenVPN, may require additional work for your use case. We have a three part series starting here for setting up more complicated OpenVPN configurations.
It might make sense to attempt to set up the VPN of your choice, and then come back with specific questions if you get stuck. This Blog post may help you choose the right one for you.
I can say based on previous issues customers have seen, the biggest issue with connecting to AWS specifically is that they use a few very specific terms that may be difficult to match to other providers or more general names. For example, another user mentioned a virtual private gateway
which seems like it may be an term coined by AWS and found that it "is the VPN endpoint on the Amazon side of your Site-to-Site VPN connection that can be attached to a single VPC." Based on my experience with Wireguard, the endpoint is the public IP and port being used that is being connected to.
As another example, AWS mentions a customer gateway, which I believe is something you set up with AWS by providing information about your Linode. I think figuring out the terminology should allow you to use the Linode guide for the VPN of your choice to get that set up using one of our guides.
I've also found we've suggested the following tools in the past and they may be worth investigating:
- Nebula
- VyOS
- Awesome Tunneling: this one isn't just one resource, it's a list of open source tunneling solutions, including some VPNs.
And finally, you can search the Community StackScripts for easier deployment. If you go to where you would create a new Linode and choose StackScripts and then Community, you can search for a specific type of VPN, like ipsec vpn
or whatever it is that you think would be the best option for you. It's possible something there was designed for exactly what you want to do.