AWS VPN Client on a guest VM

The AWS VPN Client for Linux (https://docs.aws.amazon.com/vpn/latest/clientvpn-user/client-vpn-connect-linux.html) is, at the time of writing (Nov 26, 2023), only supported on Ubuntu, and the latest supported Ubuntu version is 20.04 LTS. This version of Ubuntu is nearly 4 years old and people have been having problems with the client: there have been numerous complaints on the forums from people trying to get it working on newer Ubuntu versions, for example https://repost.aws/questions/QUNJeF_ja_Suykous7EvfX5Q/aws-client-vpn-on-ubuntu-22-04.

While it is possible to get the VPN client working on Ubuntu 22.04, there is a caveat: the client uses an outdated libssl version (libssl1), while Ubuntu 22.04 ships with libssl3, which makes the client error out. The workaround is a manual installation of libssl1, replacing libssl3. If one uses another distro or simply does not want to downgrade libssl just for the AWS VPN client, one solution is to run the client on a guest installation of Ubuntu 20.04 in a virtual machine. Configuration for the host and guest OSes follows below.

Guest OS

I run the guest installation of Ubuntu 20.04 on VirtualBox, with a Bridged network adapter. Select the correct interface for the bridge; in my case it is enp5s0.
One thing worth doing is reserving a static IP for the host machine on the DHCP server (so that it always assigns a specific IP to a given MAC address), if the router has that functionality. For the sake of example, I've set mine to 192.168.0.105.

Let's proceed with configuring the guest machine.

Host OS

On the host, the configuration is as follows.

This solution is not ideal - it requires the guest OS to be up, as it serves as a default gateway, and everything gets routed through the guest OS. Perhaps a better solution would be to explicitly define IP ranges to route through the guest, but it does the job for the time being.
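
The narrower alternative mentioned above, as an added example (not the author's configuration): a POSIX shell helper for the host that prints `ip route replace` commands only for chosen VPN-side ranges via the guest, and refuses a /0 route. The guest address 192.168.0.50 and the two CIDRs are constructed placeholders; it assumes the guest already forwards traffic into the VPN as in the setup above.

```shell
#!/bin/sh
# Added example (not from the original post): route only chosen ranges
# through the VPN guest instead of making it the host's default gateway.

# valid_ipv4 ADDR: succeed if ADDR is a dotted quad with octets 0-255.
valid_ipv4() (
    case "$1" in
        *[!0-9.]*|.*|*.|*..*|'') exit 1 ;;
    esac
    IFS=.
    set -- $1
    [ "$#" -eq 4 ] || exit 1
    for o in "$@"; do
        [ "${#o}" -le 3 ] && [ "$o" -le 255 ] || exit 1
    done
)

# valid_cidr CIDR: succeed for a.b.c.d/len with len 1-32. A /0 is refused
# because it would recreate the "everything through the guest" setup.
valid_cidr() (
    addr=${1%/*}; len=${1#*/}
    [ "$addr" != "$1" ] || exit 1                  # no slash present
    case "$len" in ''|*[!0-9]*) exit 1 ;; esac
    [ "${#len}" -le 2 ] && [ "$len" -ge 1 ] && [ "$len" -le 32 ] || exit 1
    valid_ipv4 "$addr"
)

# route_cmds GUEST_IP DEV CIDR...: print one "ip route replace" per CIDR.
# Prints nothing and returns non-zero if any argument is invalid.
route_cmds() (
    guest=$1; dev=$2; shift 2
    valid_ipv4 "$guest" || { echo "bad guest IP: $guest" >&2; exit 1; }
    case "$dev" in ''|*[!A-Za-z0-9._-]*) echo "bad device: $dev" >&2; exit 1 ;; esac
    [ "$#" -ge 1 ] || { echo "no CIDRs given" >&2; exit 1; }
    for c in "$@"; do
        valid_cidr "$c" || { echo "refusing route: $c" >&2; exit 1; }
    done
    for c in "$@"; do
        echo "ip route replace $c via $guest dev $dev"
    done
)

# Constructed sample values: guest IP and VPN-side ranges are placeholders.
route_cmds 192.168.0.50 enp5s0 10.0.0.0/16 172.31.0.0/16
```

To apply the routes, review the printed commands and pipe them to `sudo sh` on the host; routes added this way do not persist across reboots.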
