How to install Cisco VPN software on my AWS EC2 instance

I am a travelling consultant and I have a need to connect to a client network, and travelling with multiple laptops is very painful. I tried installing Cisco AnyConnect VPN on an AWS EC2 Windows machine, but when the VPN connects it drops the RDP connection and I get disconnected.

Any way to make it work?

Appreciate any help.

You need to configure split tunnel in the Cisco config. It is probably set to tunnel all traffic, so your connection to the instance over the VPC network is dropping when the VPN tries to route replies over the tunnel. I assume you are initiating a VPN to the VPC and receiving a NAT, so your RDP to the EC2 is seen as an IP in your VPC; you can then allow the local VPC CIDR outside of the tunnel.

Even with additional attached network interfaces, the AnyConnect client will force an update of the routes on the instance, preventing you from connecting into it from outside - if the VPN server is set to disallow split routing.

The way around this is to use a compatible client like OpenConnect, which you can configure to ignore the routing rules provided by the server.

However, doing this is likely not in compliance with your customer's policy and puts their network at risk if your instance were to be compromised.

Can you SSH?
If you can, you can port forward the RDP port.

VPN has more overhead than an SSH tunnel.

Whatever you do, make sure you’re on a different CIDR on AWS vs what the VPN is trying to connect to, otherwise things will get even messier.
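The routing behaviour described in the replies above, modelled as an added example that is not part of the original thread: it shows why a tunnel-all default route pulls RDP replies into the VPN, why a split-tunnel route set does not, and how to flag a VPN route that overlaps the VPC CIDR. All addresses, the interface names `vpc`/`vpn` and the metrics are constructed, and route selection is simplified to longest prefix, then lowest metric.

```python
import ipaddress

# Constructed sample values (not from the thread).
VPC_CIDR = "172.31.0.0/16"
RDP_CLIENT = "203.0.113.10"          # address the RDP session comes from

# (destination CIDR, interface, metric) before the VPN connects.
BASE = [("0.0.0.0/0", "vpc", 10), (VPC_CIDR, "vpc", 10)]
# Tunnel-all: the VPN adds a preferred default route.
TUNNEL_ALL = BASE + [("0.0.0.0/0", "vpn", 1)]
# Split tunnel: only the client's data-center range goes into the tunnel.
SPLIT = BASE + [("10.20.0.0/16", "vpn", 1)]


def egress(routes, dest):
    """Interface used to reach dest: longest prefix wins, then lowest metric."""
    addr = ipaddress.ip_address(dest)
    candidates = []
    for cidr, iface, metric in routes:
        net = ipaddress.ip_network(cidr)
        if addr in net:
            candidates.append((net.prefixlen, -metric, iface))
    return max(candidates)[2] if candidates else None


def rdp_survives(routes, rdp_client, local_iface="vpc"):
    """RDP stays up only if replies still leave through the VPC interface."""
    return egress(routes, rdp_client) == local_iface


def overlapping(vpc_cidr, vpn_cidrs):
    """VPN-pushed ranges (default route excluded) that collide with the VPC CIDR."""
    vpc = ipaddress.ip_network(vpc_cidr)
    hits = []
    for cidr in vpn_cidrs:
        net = ipaddress.ip_network(cidr)
        if net.prefixlen > 0 and net.overlaps(vpc):
            hits.append(cidr)
    return hits


if __name__ == "__main__":
    for name, table in (("before VPN", BASE), ("tunnel-all", TUNNEL_ALL), ("split", SPLIT)):
        print(f"{name:11s} replies via {egress(table, RDP_CLIENT)}, "
              f"RDP survives: {rdp_survives(table, RDP_CLIENT)}")
    print("overlap with VPC:", overlapping(VPC_CIDR, ["10.20.0.0/16", "172.31.128.0/17"]))
```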

Can you please guide me on this?

I do this as well, using VMware Workstation on Windows. The up-link network type has to be NAT for the client VMs when I am using my phone as a hot-spot or other Internet providers that only allow a single IP.

The client blocks VPN connections from out of the country, as they block IPs at the VPN.

I am an IT developer, not much into VPNs and networking. Can you please provide a doc link or any blog for this?

Is there any cloud solution / cloud service where this can be done?

I need the VPN, as my work involves connecting to the client’s data center. On the client’s laptop I access their Outlook and Teams and then use Cisco AnyConnect VPN to connect to their data center (hosted on AWS).

The problem with VMware, VirtualBox, Parallels is that the IP address will still be from where the ISP is.

I’m not aware of anything, but in the past I have successfully turned disk images from customer provided laptops into running VMs.

You shouldn’t do this without talking to the client’s IT. There’s almost 0 chance they’ll be ok with you connecting to company resources like email from an unmanaged machine without their security tooling installed.

Your laptop can first connect to a tunnel-all VPN provider. Guest VMs will then use the VPN provider’s public IP address when creating their VPNs. This should be possible using AWS as the VPN server. (I think I will try it myself.)

I wonder if the EC2 dedicated host option in AWS will help. If someone can correct me on this.