Prevent Multiple Device Connections Using the Same Profile for AWS Client VPN

Question

I have created an AWS Client VPN and generated a profile for connection. However, I noticed that I am able to connect to the VPN using the same profile from multiple devices simultaneously. I want to prevent this behavior and ensure that the profile can only be used on one device at a time.

Steps I've Taken:

Created an AWS Client VPN.
Generated a connection profile.
Successfully connected to the VPN using the profile from multiple devices at the same time.

Issue:

The same profile is being used to connect to the VPN from multiple devices simultaneously, which I want to avoid.

Questions:

How can I configure AWS Client VPN to prevent multiple device connections using the same profile?
Is there a setting or best practice to ensure that each profile is restricted to a single device connection at a time?
What steps do I need to take to resolve this issue and enforce single-device usage per VPN profile?
Any guidance or step-by-step instructions would be greatly appreciated.

Thank you in advance for your help!

Didier Durand · Answer

Hi,

You may want to manage this policy of single connection via Connection Logging: see https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/connection-logging.html

You can have a Lambda function that is notified of connection / disconnection via the mechanism above. Then, your Lambda will have to add / remove the corresponding user from the VPN Access Group to allow / disallow a second connection  while there is an active one.

See https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/scenario-restrict.html#scenario-restrict-groups for management of users in access groups.

Best,

Didier

Prevent Multiple Device Connections Using the Same Profile for AWS Client VPN

Add your answer

Relevant content