Commit e94c9d2

Update README.md
1 parent 45e3991 commit e94c9d2

1 file changed

+14
-17
lines changed

README.md

Lines changed: 14 additions & 17 deletions
@@ -1,27 +1,24 @@
11
# aws-vpn-client
22

3-
This is PoC to connect to the AWS Client VPN with OSS OpenVPN using SAML
4-
authentication. Tested on macOS and Linux, should also work on other POSIX OS with a minor changes.
3+
This is an updated PoC to connect to the AWS Client VPN with OSS OpenVPN using SAML
4+
authentication. Tested on Linux primarily, but should work on OS X.
55

6-
See [my blog post](https://smallhacks.wordpress.com/2020/07/08/aws-client-vpn-internals/) for the implementation details.
6+
This is based on the work by [samm's repo](https://github.com/samm-git/aws-vpn-client); and you can read their [ blog post](https://smallhacks.wordpress.com/2020/07/08/aws-client-vpn-internals/) for the implementation details.
7+
8+
This version has taken the shell scripts and folds all of that into a single golang binary.
79

810
## Content of the repository
911

1012
- [openvpn-v2.4.9-aws.patch](openvpn-v2.4.9-aws.patch) - patch required to build
11-
AWS compatible OpenVPN v2.4.9, based on the
12-
[AWS source code](https://amazon-source-code-downloads.s3.amazonaws.com/aws/clientvpn/wpf-v1.2.0/openvpn-2.4.5-aws-1.tar.gz) (thanks to @heprotecbuthealsoattac) for the link.
13-
- [server.go](server.go) - Go server to listed on http://127.0.0.1:35001 and save
14-
SAML Post data to the file
15-
- [aws-connect.sh](aws-connect.sh) - bash wrapper to run OpenVPN. It runs OpenVPN first time to get SAML Redirect and open browser and second time with actual SAML response
13+
AWS compatible OpenVPN v2.4.9, based on the
14+
[AWS source code](https://amazon-source-code-downloads.s3.amazonaws.com/aws/clientvpn/wpf-v1.2.0/openvpn-2.4.5-aws-1.tar.gz) (thanks to @heprotecbuthealsoattac) for the link.
15+
- [main.go](main.go) - a go wrapper to perform the authentication and handle the double-tap of connecting to the vpn
16+
- [compile-patched-openvpn.sh](compile-patched-openvpn.sh) - bash script to download,patch and compile the openvpn client to use for the golang tool
1617

1718
## How to use
1819

19-
1. Build patched openvpn version and put it to the folder with a script
20-
1. Start HTTP server with `go run server.go`
21-
1. Set VPN_HOST in the [aws-connect.sh](aws-connect.sh)
22-
1. Replace CA section in the sample [vpn.conf](vpn.conf) with one from your AWS configuration
23-
1. Finally run `aws-connect.sh` to connect to the AWS.
24-
25-
## Todo
26-
27-
Better integrate SAML HTTP server with a script or rewrite everything on golang
20+
1. Build patched openvpn version using `compile-patched-openvpn.sh`
21+
1. Either save your downloaded aws config as `~/.awsvpn.conf` or place it somewhere nice
22+
1. Compile the go wrapper `go build`
23+
1. Run the golang tool, use command arg `-config` to point to your conf file if its not saved as `~/.awsvpn.conf`
24+
1. This should do the rest from here
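
Review bot: The new "How to use" list (new lines 20-24) ends with "This should do the rest from here", which drops what the removed text told the user about the SAML flow: a local listener on http://127.0.0.1:35001 that saves the SAML POST data to a file, and OpenVPN being run a first time to get the SAML redirect and a second time with the actual SAML response. Now that main.go does this, the README should state whether the binary still binds that loopback port and whether the SAML response is still written to disk (and where), since users should know about a local listener and a stored authentication response before running it. "The double-tap of connecting to the vpn" on new line 15 should be spelled out in the same terms. For new lines 16 and 20, compile-patched-openvpn.sh is described as downloading the OpenVPN source, but the README does not say which URL it fetches or whether the download is checked against a known checksum; please document both. Minor: `[ blog post]` has a leading space in the link text, "download,patch" needs a space after the comma, and "its" in step 4 should be "it's".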
