AWS Service- VPN

VPN:


Types of VPN:

  • Open VPN 


  • Site to Site


  • Direct connect



– Open VPN:


– Practical Open VPN: 


  1. get open VPN from AWS marketplace 


  1. leave the default SG for the VPN OS build

 

  1. username: openvpnas 


Do you wish to log in to the Admin UI as "openvpn"?

> Press ENTER for default [yes]:no


– EC2 create:



– EC2 launch:



– OpenVPN console:








– DB server launch for VPN check:



– Private IP:




Elastic IP:


   – Give permanent IP for an instances


– Before Assigning:



– Elastic IP assign:




– After assigning:




Network Interface:


    – Additional network card, works if existing damaged


– Before attach:



– NIC attach



– After attach:




Flow log:


  • Like wire shark  - packet capturing tool 


  • vpc - flow log (direct)


  • subnet - flow log (direct)


  • Ec2 - got to ec2 n/w interface - flow log 


– Creating log group in cloud watch:



– Created flow log:



 

Comments

Post a Comment

Popular posts from this blog

Route53

Image
DNS Port - 53 Get a free domain in Freenom: Records: A Records: -- IP to name( can search with DNS names) PTR Records: -- Name to IP address ( can search with IPs) (Vice versa) MX Records: -- Mail server record: Cname record: -- Name to Name -- LB in AWS eg: www.fb.com , www.facebook.com NS Record (Name Sever record) -- To identify our domain SOA Record (State Of Authority) -- Who authorizing this Domain SRV -- Service record --(80 HTTP - 81 HTTP) www.fb.com NAPTR -- Voip DNS TXT -- verify your domain CAA -- certifying your domain AAAA -- Ip 6 SPF -- Sender Policy framework DS - Delegation signer - - DNS security Practicals: – Connecting AWS and Freenom Domain: – Site opening with IP: – Site opening with DNS Name: – Adding Load Balancer with DNS: – Test: SUB-DOMAINS:  creating multiple domains with single domain purchase Eg: – Practicals: –Test: Routing Policy: Simple Simple one Weighted: Giving weightage to a particular LB * Need to provide 2 LB with the same records ...
Read more

AWS Service: Auto Scaling & SNS

Image
  Auto Scaling: – When the load is increasing in Load Balancers autoscaling will automatically increase the instances in Load balancers – Practical steps: create an AMI  use the AMI for the Autoscaling configurations  Add the AMI in Launch configuration  Now create the rule using Auto scaling groups  create an ALB and attach it to the auto-scaling group.  – Launch autoscale: – Create Autoscaling: – Instance created automatically: – Tested with Load Balancer: Target tracking - it will increase or decrease with a single value  step scaling - step by step  simple scaling - overall increase – To check autoscale adding load to CPU: – Sample script to increase CPU load: Inside machine: vi load.sh #!/bin/bash dd if=/dev/zero of=/dev/null bs=50000 count=1000000 vi for.sh #!/bin/bash for i in {1..10} do         sh load.sh done chmod a+x load.sh chmod a+x for.sh – Instance launched automatically: – Automatically attac...
Read more

AWS Service: ALB(Application Load Balancer):

Image
  ALB(Application Load Balancer): – Practical steps: Create 6 instances  - 2 instance (main website)  - 2 instance (image)  - 2 instance (video)    Create ALB  Create target groups Add the target group to Listeners  – Comment to run the script(built the website): #!/bin/bash sudo yum -y install httpd sudo echo "This is E-commerce-main server" > /var/www/html/index.html sudo systemctl restart httpd sudo systemctl enable httpd –Script to create sub folder for website: #!/bin/bash sudo yum -y install httpd sudo mkdir /var/www/html/videos sudo echo "This is Video server" > /var/www/html/videos/index.html sudo systemctl restart httpd sudo systemctl enable httpd – Example: – Ec2 creating: – EC2 web Launch: – Main web: – Subfolder: – Adding all instances in Load Balancer (Single website): – Creating LB: – Creating TG: – Adding Subfolder in Target Group: – TG group added in Listener: – LB check: – Creating Hyperlink in Load Balancer for Website
Read more