I'm trying to create a site-to-site VPN connection between an EC2 instance in one AWS account and a Virtual Private Gateway (VGW) in another account. I'm exploring options that don't involve using any marketplace AMI. Is there any open-source VPN software or firewall I can install on my EC2 instance? This is mainly for lab work, so I'm open to anything, and if it includes a GUI, that's a bonus! I'm ideally looking for free alternatives to Palo Alto, Cisco, or Fortinet that I can manage myself. Also, in the future, I might create my own custom AMI. Any help would be appreciated!
2 Answers
You might want to check out strongSwan; it's a solid choice for setting up IPsec site-to-site VPNs and is commonly used in AWS labs. Another option is Openswan, which is a lighter alternative. If you're after something quicker to set up, WireGuard is great, though it's not natively IPsec, so you'll need to manage routing carefully. If you want a GUI to work with, consider pfSense or OPNsense; both are free firewalls you can install on EC2 and offer flexibility.
Thanks for the suggestions! Leaning towards pfSense for its GUI; sounds user-friendly.
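For the strongSwan option suggested in the answer above, a tunnel from the EC2 instance to one VGW tunnel endpoint could be described in `swanctl.conf` as follows. This is an added example, not part of the thread: every address, CIDR, the names `aws-vgw-tun1` and `lab-to-vpc`, and the pre-shared key are constructed placeholders, and it assumes the AWS tunnel is set to accept IKEv2 with AES-256, SHA-256 and DH group 14.

```conf
# /etc/swanctl/conf.d/aws-vgw.conf
# Constructed example: all addresses, names and the PSK are placeholders.
connections {
    aws-vgw-tun1 {
        version = 2                          # IKEv2 (assumed enabled on the AWS tunnel)
        local_addrs  = 10.10.0.10            # instance's private IP (assumed)
        remote_addrs = 203.0.113.10          # VGW tunnel 1 outside IP (placeholder)
        proposals = aes256-sha256-modp2048   # modp2048 = DH group 14
        dpd_delay = 10s                      # dead peer detection interval
        local {
            auth = psk
            # The instance sits behind a 1:1 NAT, so identify with the
            # Elastic IP registered as the customer gateway (placeholder).
            id = 198.51.100.5
        }
        remote {
            auth = psk
            id = 203.0.113.10
        }
        children {
            lab-to-vpc {
                local_ts  = 10.10.0.0/16     # lab-side CIDR (assumed)
                remote_ts = 172.31.0.0/16    # CIDR of the VPC behind the VGW (assumed)
                esp_proposals = aes256-sha256-modp2048
                dpd_action = restart         # re-establish if the peer stops answering
                start_action = start         # bring the tunnel up when loaded
            }
        }
    }
}
secrets {
    ike-aws-vgw-tun1 {
        id = 203.0.113.10
        # Taken from the AWS VPN configuration download; keep this file
        # readable by root only (mode 0600) and out of version control.
        secret = "REPLACE_WITH_TUNNEL1_PSK"
    }
}
```

On the instance, enable IP forwarding, disable the EC2 source/destination check, and restrict the security group to UDP 500 and 4500 from the VGW tunnel addresses only. A second connection block with the other outside IP and its own PSK covers the VGW's second tunnel.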
Every modern Linux distribution can handle VPN setups like IPsec or OpenVPN, even FreeBSD. You don't need a marketplace AMI unless it provides specific configurations or paid licensing that you require. The commercial options like Palo Alto or Cisco are not necessarily the best for VPNs these days since VPN technology has become pretty accessible for self-setup.
Good to know! I wasn't sure if I should avoid those commercial options. Sounds like I can easily DIY this.
Totally! Just pick a distro you’re comfortable with and get started!

WireGuard does sound appealing for a lab setup! Do you think it can handle multiple connections well?