AWS Client VPN not working on Linux Mint

0

I am currently an AWS user, regularly using the AWS Client VPN on Windows. I recently set up a new Linux Mint box that I would prefer to work on and installed the Client VPN on it.

At first, it would start up until I created a profile, at which point it would crash shortly after opening. Some research uncovered the need to install libssl1.1, which I did. This resolved the crashing issue.

Next, I followed the instructions on the AWS Linux Troubleshooting page, and installed and verified resolvconf, but still couldn't connect to the VPN.

Following the page's instructions, I added script-security 2 and the up and down directives to my openvpn configuration. The result of this is a connection failure - one OpenVPN log says it won't resolve the address to reach the VPN endpoint, another OpenVPN log says "script-security 2 contains flags that are not supported. Fail the import" and appears to stop the resolving process there. Removing the script-security and up and down lines results in an infinite Re-establishing Connection message. There's probably something simple I'm missing that I haven't found on Google or elsewhere, whether it's a config setting or another library.

Thanks in advance.

alexb
asked 3 months ago, 147 views
2 Answers
0

I did follow the pre-requisites, installing the AWS Client VPN from the .deb package, and looking at the aws client log, I can see that it's already prepending a random string to the endpoint url before it attempts to resolve the url.

LOG:1712668660,N,RESOLVE: Cannot resolve host address: f7cb9785179c.cvpn-endpoint-<endpoint-id>.prod.clientvpn.us-east-2.amazonaws.com:443 (Name does not resolve)

If need be, I can install the older LTS Ubuntu version, but I hope to see support soon for the current Ubuntu LTS version, 22.04, which Mint is based on.

alexb
answered 3 months ago
  • One last note - I gave up on Mint + AWS client and installed Ubuntu 20.04 with no updates or upgrades, following the instructions on the Linux Client page, and wound up in the same situation that I had with Mint - it refuses to resolve the VPN url, even though everything looks like it should be working correctly.

    TL;DR - I'm giving up on the AWS Client VPN for Linux. Since I don't like Ubuntu's interface, I think I'll reinstall Mint and try OpenVPN directly, since the AWS client doesn't appear to support anything newer than 4 years ago. Apparently, there is no correct answer.

0

Hi, I understand that you are facing connection issues for your VPN on Linux Mint. The following are some troubleshooting steps that you can take to determine the source of your issue:

Prerequisite - https://docs.aws.amazon.com/vpn/latest/clientvpn-user/client-vpn-connect-linux.html#client-vpn-connect-linux-req

Currently the VPN Client for Linux is only supported for Ubuntu 18.04 LTS and 20.04 LTS. It does not mean that it cannot work, but the resources for its support are limited.

Also, when you use OpenVPN you have to add a random string to the Client VPN endpoint DNS name, otherwise it will throw the error "won't resolve the address to reach the VPN endpoint".

Locate the line that specifies the Client VPN endpoint DNS name, and prepend a random string to it so that the format is random_string.displayed_DNS_name. For example:

Original DNS name: cvpn-endpoint-0102bc4c2eEXAMPLE.prod.clientvpn.us-west-2.amazonaws.com
Modified DNS name: xyz.cvpn-endpoint-0102bc4c2eEXAMPLE.prod.clientvpn.us-west-2.amazonaws.com

  • Save and close the Client VPN endpoint configuration file.
  • Distribute the Client VPN endpoint configuration file and the client certificate and key to your clients.
AWS
answered 3 months ago
EXPERT
reviewed 3 months ago
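
The edit described in the answer above, as an added example that is not part of the original thread or AWS's own tooling: a shell function that prepends a random label to the endpoint name in an OpenVPN profile and leaves an already-prefixed profile unchanged. It assumes the endpoint sits on a "remote <host> <port>" line; the function names and the sample profile are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): prepend a random label to the Client VPN
# endpoint name in an OpenVPN profile, as the answer above describes.
# Assumption: the endpoint is on a "remote <host> <port>" line.

# make_sample_profile PATH: write a constructed sample profile for the demo.
make_sample_profile() {
    cat > "$1" <<'EOF'
client
dev tun
proto udp
remote cvpn-endpoint-0102bc4c2eEXAMPLE.prod.clientvpn.us-west-2.amazonaws.com 443
resolv-retry infinite
EOF
}

# random_label: print 12 lowercase hex characters read from /dev/urandom.
random_label() {
    od -An -N6 -tx1 /dev/urandom | tr -d ' \n'
}

# prefix_endpoint PROFILE [LABEL]: print the profile with LABEL (default: a
# random one) prepended to the endpoint host. The input file is not modified.
# Only hosts that still start with "cvpn-endpoint-" are rewritten, so running
# it on an already-prefixed profile changes nothing.
prefix_endpoint() {
    label=${2:-$(random_label)}
    awk -v label="$label" '
        $1 == "remote" && $2 ~ /^cvpn-endpoint-/ { $2 = label "." $2 }
        { print }
    ' "$1"
}

# endpoint_host PROFILE: print the host name the profile will try to resolve.
endpoint_host() {
    awk '$1 == "remote" { print $2; exit }' "$1"
}

# Demo on the constructed sample: show the rewritten "remote" line.
tmp=$(mktemp)
make_sample_profile "$tmp"
prefix_endpoint "$tmp" | grep '^remote'
rm -f "$tmp"
```

Redirect the output of prefix_endpoint to a new file and check it with endpoint_host before importing the profile into the client.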
