Scenario: A local private network and a private network in Amazon Web Service (AWS) needs to be connected securely over the internet through an ipsec VPN. In order to cover an expanded scope, VPN tunnel will be established between Openswan ipsec VPN from AWS to pfSense ipsec VPN in local network.

Main AWS VPC in this scenario “172.31.0.0/16” has 2 subnets, Backend (172.31.1.0/24) and Frontend (172.31.2.0/24) respectively. Application servers are hosted in Backend subnet while Openswan VPN server is hosted in Frontend. All traffic between these 2 subnets are allowed.
Continue reading →