Windows Server 2019 Core - Kahuna915/Capstone-Cloud-Integration GitHub Wiki
Commands to set up a site-to-site VPN
- Install Remote Access and Routing
    Install-WindowsFeature RemoteAccess, Routing -IncludeManagementTools
- Configure the VPN Server
    # -IPAddressRange takes the start and end address of the pool assigned over the tunnel
    Install-RemoteAccess -VpnType VpnS2S -IPAddressRange <IP Address Range>
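- Configure the VPN client
    # -Name and -Destination are mandatory; -EncryptionMethod is only accepted together with -CustomPolicy
    Add-VpnS2SInterface -Name "<Interface Name>" -Protocol IKEv2 -AuthenticationMethod PSKOnly -SharedSecret <Shared Secret> -SourceIpAddress <Local IP Address> -Destination <Remote IP Address> -CustomPolicy -EncryptionMethod AES256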
- Enable NAT on the VPN interface
    netsh routing ip nat install
    netsh routing ip nat add interface "<Interface Name>" mode=full
- Enable routing
    # Static routes are attached to the interface as "<subnet>/<prefix>:<metric>"
    Set-VpnS2SInterface -Name "<Interface Name>" -IPv4Subnet "<Remote Subnet/Prefix>:<Metric>"
- Verify the VPN is running
    Get-VpnS2SInterface
Creating an AD Connector in AWS
Why do we want to use AD Connector
We use AD Connector because our goal matches the use case AWS describes:
"if you only need to allow your on-premises users to log in to AWS applications and services with their Active Directory credentials. You can also use AD Connector to join Amazon EC2 instances to your existing Active Directory domain."
Setup on AWS
- Go to the Directory Service in AWS
- Set up an AD Connector
- Select a small or large directory size. In this example we are going to select Large.
- Select the VPC with Subnet Preference
    Subnet Preferences (You will need to select two different subnets)
- Enter the information for your Domain Controller
    The connector will only connect if the domain can be seen from the VPC. That is why you will want to create the VPN connection before you start this step.
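
A pre-flight check for the reachability requirement above, as an added example that is not part of the original wiki. Run from a Windows instance in one of the two selected VPC subnets, it tests the TCP side of the ports AD Connector needs on the domain controller (53, 88 and 389, taken from AWS's AD Connector prerequisites rather than from this page) and the domain's SRV records. The domain name and controller addresses are constructed placeholders.

```powershell
# Added example: confirm the on-premises domain is visible from the VPC
# before creating the AD Connector. All default values are constructed.
param(
    [string]   $DomainName        = 'corp.example.com',          # placeholder domain
    [string[]] $DomainControllers = @('10.0.0.10', '10.0.0.11')  # placeholder DC/DNS IPs
)

# Ports AD Connector uses toward the directory (TCP and UDP in AWS's list;
# Test-NetConnection can only probe TCP, so UDP is not covered here).
$services = @(
    @{ Port = 53;  Name = 'DNS' },
    @{ Port = 88;  Name = 'Kerberos' },
    @{ Port = 389; Name = 'LDAP' }
)

$results = foreach ($dc in $DomainControllers) {
    # 1. TCP reachability of each service across the tunnel
    foreach ($svc in $services) {
        $probe = Test-NetConnection -ComputerName $dc -Port $svc.Port -WarningAction SilentlyContinue
        [pscustomobject]@{
            Target = $dc
            Check  = "TCP $($svc.Port) ($($svc.Name))"
            Passed = [bool]$probe.TcpTestSucceeded
        }
    }

    # 2. SRV records, asked of the DC itself so the query crosses the VPN
    foreach ($srv in "_ldap._tcp.$DomainName", "_kerberos._tcp.$DomainName") {
        $answer = Resolve-DnsName -Name $srv -Type SRV -Server $dc -DnsOnly -ErrorAction SilentlyContinue
        [pscustomobject]@{
            Target = $dc
            Check  = "SRV $srv"
            Passed = [bool]($answer | Where-Object Type -eq 'SRV')
        }
    }
}

$results | Format-Table -AutoSize

# A single failed check means the connector creation is likely to fail too.
if ($results.Passed -contains $false) {
    Write-Error 'Domain is not fully reachable from this subnet; check the VPN, routes and security groups.'
    exit 1
}
```

Run it from both subnets chosen for the connector, since each one needs its own path to the domain controller.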