Today, I would like to experiment with VyOS. I have been using OpenSwan for quite sometime and I really like how simple it is to use. However, it seems it has not been updated in a while and it’s repository replaced by StrongSwan. StrongSwan is still maintained and in my opinion the most documented however with the “swans” there are some changes which would require a restart of the service. For that reason I have been looking at an alternative and VyOS seems to be the perfect one.
I came up with a plan. In order to have a meaningful experimentation, I decided to host Openswan(Which I know well) on Azure (Which I don’t know too well) and VyOs(Which I don’t know too well) on AWS (which I know very well). So this tutorial is going to be in 3 parts:
Part 1 :: Configuration on AWS: VyOS
Part 2 :: Configuration on Azure: OpenSwan
Part 3 :: Establishing VPN between OpenSwan And VyOS
Of course both Azure and AWS have their own VPN as a Service but if you need anything like route public IP through the VPN or any fancy stuff you will have to roll out your own. For some reason, I seem to consistently run into such special cases off late, especially with some telcos 😕 .
I hope this would be useful to you. Let’s get started with part 1 then.
2 thoughts on “Connect Azure to AWS with a VPN using openswan and vyos”
Hello! Nice job, thanks for sharing.
Have you been able to configure the VyoS image on AWS using User data at the boot strap?
Thanks for the compliment. No I have not tried that but VyOs being built on debian and having an actual shell, I am sure it can be done but will depend on commands you want to user data to execute. I get you want to preinstall certain packages. I will give it a try.