
techiewarrior / site-to-site


This project forked from tdeckers/site-to-site


Automation for site-to-site VPN (AWS - Meraki MX)

License: BSD 3-Clause "New" or "Revised" License

Makefile 2.93% Shell 3.01% Go 64.15% HCL 29.91%


Site-to-site VPN Controller

Overview

The code and configuration in this repo allow you to deploy a solution that automatically sets up and tears down a VPN connection between your home network and AWS. With the VPN connection in place, you can directly access cloud resources from your home network over a secure connection.

The VPN Connection attaches to a specific VPC and route table in AWS. Any resource (e.g. EC2 instance) provisioned in a subnet configured with the route table will be accessible.

This repo assumes Meraki MX to be the home side of the VPN Connection. Other VPN solutions might be possible, but instructions are not included here.

For a detailed overview of the purpose and use of this solution, check out this post.

Prerequisites

  • AWS account and CLI configured
  • Terraform installed
  • S3 bucket, used for remote state and the CloudFormation template. My setup requires public access to the S3 bucket; you can change that.
  • (optional) Meraki account and MX for the home side of the VPN tunnel. You can use alternative VPN solutions, but this repo doesn't provide instructions for them.

Before using terraform:

  • Ensure AWS credentials are set. Run aws configure if needed.
  • Update private.sh with AWS and Meraki details
  • Verify and update provider.tf as needed.
  • Update backend.tf with your S3 bucket. If you want to use local state, you can remove the file.
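
The prerequisites put Terraform remote state and the CloudFormation template in one S3 bucket that the author's setup makes public. The following added example (not part of this repo) evaluates a bucket policy offline to show which object keys an anonymous caller can read; the bucket name, the cfn/ prefix, the terraform.tfstate key and the policy itself are constructed assumptions.

```go
package main

import (
	"encoding/json"
	"fmt"
	"regexp"
	"strings"
)

// matches reports whether policy field v (string, array or {"AWS": ...}) has a */? pattern matching s.
func matches(v any, s, flags string) bool {
	switch t := v.(type) {
	case string:
		re := strings.NewReplacer(`\*`, `.*`, `\?`, `.`).Replace(regexp.QuoteMeta(t))
		return regexp.MustCompile(flags + "^" + re + "$").MatchString(s)
	case map[string]any:
		return matches(t["AWS"], s, flags)
	case []any:
		for _, e := range t {
			if matches(e, s, flags) {
				return true
			}
		}
	}
	return false
}

// PubliclyReadable reports whether policy lets any principal s3:GetObject bucket/key.
// Simplified: Deny, NotAction and NotResource are ignored; statements with a Condition are skipped.
func PubliclyReadable(policy, bucket, key string) (bool, error) {
	var doc struct{ Statement []map[string]any }
	if err := json.Unmarshal([]byte(policy), &doc); err != nil {
		return false, err
	}
	for _, st := range doc.Statement {
		if st["Effect"] == "Allow" && st["Condition"] == nil &&
			matches(st["Principal"], "*", "") && matches(st["Action"], "s3:GetObject", "(?i)") &&
			matches(st["Resource"], "arn:aws:s3:::"+bucket+"/"+key, "") {
			return true, nil
		}
	}
	return false, nil
}

func main() {
	// Constructed sample policy: public read is scoped to the template prefix only.
	p := `{"Statement":[{"Effect":"Allow","Principal":"*","Action":"s3:GetObject","Resource":"arn:aws:s3:::example-bucket/cfn/*"}]}`
	fmt.Println(PubliclyReadable(p, "example-bucket", "cfn/vpn.yaml"))
	fmt.Println(PubliclyReadable(p, "example-bucket", "terraform.tfstate"))
}
```

The policy text can be taken from aws s3api get-bucket-policy --bucket <your-bucket> --query Policy --output text. Bucket ACLs and Block Public Access settings also affect anonymous access and are outside what this check reads.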

Deploy

  1. Build lambda functions
    make build
  2. (only needed once) Initialize terraform
    make init
  3. Deploy infrastructure to AWS
    source ./env.sh
    make deploy

Usage

The deployment will create a number of resources in your AWS account. Most importantly, it'll create an API Gateway endpoint that you can trigger to create and delete the VPN connection.

Navigate to the API Gateway Console. Under APIs, find Site-to-site API. Click on ANY and then on Test. This will open a page to trigger API calls.

To check whether a VPN connection has already been created, select Method GET and click on Test at the bottom of the page.

To create a VPN connection, select Method POST and add "on" as the Request Body. After about 10 minutes the VPN connection is created and, optionally, the Meraki MX is configured.

To tear down the VPN connection, select Method POST and add "off" as the Request Body.

Contributors

tdeckers, tdeckers-cisco
