Site to site VPN IPsec Tunnel

[anjugds]

hi @abhirpat and @fhoueto-amz Can we use IPsec Tunnel site to site VPN to connect to Dashboard from the Customer Network. If so is there anything to consider?

We have our chatbot deployed in VPC and inside OpenSearch inside the private subnet.

Regards, Anju

[abhirpat]

Hi @anjugds , when using VPC template it deploys OpenSearch and OpenSearch Dashboards within a VPC's Private Subnets. By default, there are no means of accessing OpenSearch Dashboards within the VPC's Private Subnets. Thus, you will need to use a Tunnel to make a connection to this network. We have a guidelines on this using SSH SOCKS5 Tunnel but you can further try exploring with IPsec Tunnel. To learn more, please see Accessing OpenSearch Dashboards in VPC

[anjugds]

hi @abhirpat,

We know this connection by creating EC2. But here client wants to have a connection from their Network to this dashboard using IPsec tunnel. Please let us know if their is any limitations considering the chatbot.

Regards, Anju

[abhirpat]

Hi @anjugds, the QnABot utilizes AWS OpenSearch which provisions OpenSearch Dashboards. To learn more about its limitations, you'll find it in OpenSearch documentation. Please check this reference: How can I use Amazon Cognito authentication to access OpenSearch Dashboards from outside of a VPC? This link provides details about OpenSearch Dashboards, VPC, and Cognito integration, which should help address your concerns about limitations. [1]. Additional Reference - AWS OpenSearch Documentation

Please let me know if you need any further clarification or have additional questions.

Thank you, Abhishek

[anjugds]

Thank you!