Static private IP addresses for AWS Client VPN connections

0

Hi All,

Is there a way to assign static private IP addresses to individual users connecting to AWS Client VPN? Can it be based on the user name? If this is not possible with Client VPN, what other AWS service can be used?

Note: I am not looking for a static outbound IP address. I want to have the connected users be assigned static private IP addresses.

Thanks in advance!

strel0k
asked a month ago, 72 views
3 Answers
0

Hi,

Directory Service Integration: Integrate AWS Client VPN with AWS Directory Service (such as AWS Managed Microsoft AD or AD Connector). This allows you to authenticate users based on their Active Directory credentials.

Use DHCP Option Sets: With AWS Client VPN, you can configure DHCP option sets to assign static IP addresses to users based on their Active Directory usernames. Each user can be associated with a specific IP address through DHCP reservations.

answered a month ago
  • Could you please elaborate (or point to relevant documentation), as I am a total noob? When creating a DHCP option set you can only specify a very limited number of parameters. Things like domain, name, DNS servers, etc.

0
EXPERT
GK
answered a month ago
  • I am asking about assigning static PRIVATE IP addresses to clients that connect. I don't need VPN clients to have internet connectivity through this network (I can add a NAT gateway if that is needed).

0

Hello strel0k!

One currently cannot assign a static IP on the AWS Client VPN side "natively", I am afraid. Happy to discuss your specific use-case (some form of restricting access to 'intra-AWS' resources, I would assume?) - as you are probably aware, we are offering either Security Group-based (whole Client VPN endpoint-scope) or [recommended in this scenario] a user-group based filtering (user/group level, configured within authorization rules).

If using the former, one in principle can create multiple/several AWS Client VPN endpoints and assign different CIDRs (and Security Groups), but this realistically won't be at user level granularity.

AWS
AWSAmir
answered a month ago
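
The user/group-level filtering in authorization rules that the answer above recommends, shown with boto3 as an added example (not part of the thread and not AWS's own code). The endpoint ID, group identifiers, CIDRs and the `ALLOWED_SCOPE` policy check are constructed assumptions; `find_allow_all` flags existing rules that admit every authenticated user and so bypass per-group filtering.

```python
import ipaddress

# Constructed placeholders: endpoint ID, group identifiers and CIDRs are not from the thread.
ENDPOINT_ID = "cvpn-endpoint-EXAMPLE"
ALLOWED_SCOPE = "10.0.0.0/16"  # assumed policy: rules may only target this range
GROUP_ACCESS = {
    "group-id-db-admins": ["10.0.10.0/24"],
    "group-id-developers": ["10.0.20.0/24", "10.0.21.5/32"],
}


def build_rules(endpoint_id, group_access, allowed_scope):
    """Return one authorize_client_vpn_ingress kwargs dict per (group, CIDR)."""
    scope = ipaddress.ip_network(allowed_scope)
    rules = []
    for group_id, cidrs in sorted(group_access.items()):
        for cidr in cidrs:
            net = ipaddress.ip_network(cidr)  # ValueError on host bits or bad syntax
            if not net.subnet_of(scope):
                raise ValueError(f"{cidr} for {group_id} is outside {allowed_scope}")
            rules.append({
                "ClientVpnEndpointId": endpoint_id,
                "TargetNetworkCidr": str(net),
                "AccessGroupId": group_id,
                "Description": f"{group_id} to {net}",
            })
    return rules


def find_allow_all(existing_rules):
    """Return destination CIDRs of rules that admit every authenticated user.

    existing_rules is the "AuthorizationRules" list returned by
    describe_client_vpn_authorization_rules.
    """
    return [r["DestinationCidr"] for r in existing_rules if r.get("AccessAll")]


def apply_rules(ec2, rules):
    """Create each rule; ec2 is a boto3 EC2 client, e.g. boto3.client("ec2")."""
    for rule in rules:
        ec2.authorize_client_vpn_ingress(**rule)
    return len(rules)


if __name__ == "__main__":
    for rule in build_rules(ENDPOINT_ID, GROUP_ACCESS, ALLOWED_SCOPE):
        print(rule)
```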
