AWS Client VPN Self Service Page intermittently returns a 400

0

I have an AWS VPN Client integrated with Azure AD using SAML. The VPN works fine, but the self-service page is often inaccessible to anyone in the organisation, typically returning a 400. This is extremely annoying. Is there any reason why this would be happening?

asked 2 years ago · 1301 views
3 Answers
1

Hello,

I understand that you've been having problems accessing the Client VPN self-service portal and have been receiving 400 error codes even though the VPN seems to be working correctly.

Check to ensure that your endpoint ID is correct and that the self-service portal is enabled for your Client VPN endpoint, as not enabling the portal will make it inaccessible to your users [1].

For example, when you create a Client VPN endpoint, you can specify whether to enable the self-service portal for your Client VPN by setting the SelfServicePortal parameter to enabled [2].

When using the Client VPN self-service portal, the following rules apply [1]:

  • The self-service portal is not available for clients that authenticate using mutual authentication.
  • The configuration file that's available in the self-service portal is the same configuration file that you export using the Amazon VPC console or AWS CLI. If you need to customize the configuration file before distributing it to clients, you must distribute the customized file to clients yourself.
  • You must enable the self-service portal option for your Client VPN endpoint, or clients cannot access the portal. If this option is not enabled, you can modify your Client VPN endpoint to enable it.

Please let me know if this response has helped resolve the issue or if you have any questions.

Links to documentation:

[1] https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/cvpn-self-service-portal.html

[2] https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateClientVpnEndpoint.html

answered 2 years ago
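
The checks from the answer above (portal enabled, endpoint ID in the link correct, no mutual-only authentication) can be run against the output of `aws ec2 describe-client-vpn-endpoints`. This is an added example, not part of the original answer; the sample JSON, IDs and ARN are constructed placeholders, and it assumes `SelfServicePortalUrl` is only reported when the portal option is enabled.

```python
import json

# Constructed sample shaped like `aws ec2 describe-client-vpn-endpoints` output.
# Endpoint IDs, account number and ARN are placeholders, not real values.
SAMPLE = json.loads("""
{"ClientVpnEndpoints": [
  {"ClientVpnEndpointId": "cvpn-endpoint-EXAMPLE1",
   "SelfServicePortalUrl": "https://self-service.clientvpn.amazonaws.com/endpoints/cvpn-endpoint-EXAMPLE1",
   "AuthenticationOptions": [
     {"Type": "federated-authentication",
      "FederatedAuthentication": {"SamlProviderArn": "arn:aws:iam::111122223333:saml-provider/vpn-EXAMPLE"}}]},
  {"ClientVpnEndpointId": "cvpn-endpoint-EXAMPLE2",
   "AuthenticationOptions": [{"Type": "certificate-authentication"}]}
]}
""")

USER_BASED = {"federated-authentication", "directory-service-authentication"}


def portal_findings(endpoint, link_in_use=None):
    """Return the reasons the self-service portal would be unreachable."""
    findings = []
    url = endpoint.get("SelfServicePortalUrl")
    # Assumption: the URL is absent when the portal option is not enabled.
    if not url:
        findings.append("self-service portal not enabled")
    elif link_in_use and link_in_use.rstrip("/") != url.rstrip("/"):
        # Catches a wrong or stale endpoint ID in the link given to users.
        findings.append("link in use does not match the endpoint's portal URL")
    auth_types = {o.get("Type") for o in endpoint.get("AuthenticationOptions", [])}
    # Documented rule: the portal is not available with mutual authentication.
    if not auth_types & USER_BASED:
        findings.append("only mutual authentication configured")
    return findings


def audit(describe_output, links=None):
    """Map each endpoint ID to its findings; `links` maps ID -> link handed out."""
    links = links or {}
    return {ep["ClientVpnEndpointId"]:
            portal_findings(ep, links.get(ep["ClientVpnEndpointId"]))
            for ep in describe_output.get("ClientVpnEndpoints", [])}


if __name__ == "__main__":
    for endpoint_id, findings in audit(SAMPLE).items():
        print(endpoint_id, "OK" if not findings else "; ".join(findings))
```

If the portal is reported as not enabled, `aws ec2 modify-client-vpn-endpoint --client-vpn-endpoint-id <id> --self-service-portal enabled` turns it on for an existing endpoint.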
0

Sorry to revive a 4-month-old post, but we have a similar issue to this. In fact, we receive a 404 and sometimes a 403.

The self-service portal is enabled within the endpoint configuration, but the link provided simply produces a 404. How is it best to troubleshoot this issue?

SteveC
answered a year ago
0

There are different potential clarifications for the AWS VPN Client's self-administration page being inaccessible and producing a 400 error. There may be an issue with Azure AD not being as expected arrangement, an organization issue between your organization and the AWS VPN Client self-administration page, or program reserve program store or threats can make unexpected issues. I recommend clearing your program's reserve and treats, disconnecting from your VPN, and reaching your Azure provider to have them look at the arrangement. In the event that this doesn't work, I'd say ping our IT support https://aws.amazon.com/contact-us/ and have them check the issue. They might help with the examination of logs, formats, and organization settings to decide the main driver and propose particular remedies.

answered 7 months ago
