Questions, not issues, about VPN setup

[waynelxb]

Hi Kim, Thank you for your sharing very much! I am trying to following "Simplify Your Development on AWS With Terraform" (https://jaehyeon.me/blog/2022-02-06-dev-infra-terraform/) to set up an environment for testing. After I downloaded this repo, I tried to run terraform to deploy/create the resources. The prompt asked to me to provide IPsec Pre-Shared key and SoftEnthe administrator password. My questions are:

1. Should I run Terraform first or create SoftEther VPN Server first?
2. Where should I create SoftEnther VPN? on my local computer or EC2 (I think it should be EC2).
3. If it should be on an EC2 instance, does it mean we need to create this EC2 instance without Terraform?

Sorry, there are my dumb questions. Thank you for your time very much!

[jaehyeon-kim]

Hi @waynelxb

My answers can be found below.

1. Should I run Terraform first or create SoftEther VPN Server first?
   • When you run Terraform, the server will be deployed on an EC2 instance. Note the VPN manager and client app should be installed locally. See post for details.
2. Where should I create SoftEnther VPN? on my local computer or EC2 (I think it should be EC2).
   • EC2 for the server
3. If it should be on an EC2 instance, does it mean we need to create this EC2 instance without Terraform?
   • vpn.tf uses a module that deploys an EC2 instance

If you don't want to specify those variables, I added an update how to change the script so that they are created automatically.

[waynelxb]

Thank you very much! At this moment I am using the code in your GitHub repo. I just ran into the issue shown below. Could you share some thoughts?

Thank you!!!

[jaehyeon-kim]

Hello,

I think you can remove the line as it is not an accepted attribute any more - https://registry.terraform.io/modules/terraform-aws-modules/rds-aurora/aws/latest

[jaehyeon-kim]

Also add VPN auth variable values. If you just hit enter, you may not be able to login later.

[waynelxb]

This is what I did

1. Get the original code from the Repo
2. Downloaded and Installed SoftEnther Manager and Client on my local machine.
3. With VS Code, open the Repo code folder as shown in my second post above.
4. I commented "# create_random_password= false " in aurora.tf and update " user_data_base64 " to " user_data" in vpn.tf
5. Run terraform init. No issue.
6. Run terraform plan or terraform apply. Then the prompt message immediately asks me to input "SoftEther VPN admin / database master password" and "The IPsec Pre-Shared Key". However, at this moment, VPN Server is not deployed by Terraform yet. How can I know what the password or Pre-Shared Key? Does it mean I just input e.g. "abcde" as password or Pre-shared Key and save them with notepad first, then use such info to set up VPN later after the resources are deployed with Terraform later?
7. Same thing like setting up SoftEnther, at this moment I have no idea about the VPN Server IP. Does it mean it should be set up after the deployment with terraform, I go to AWS to find out the IP of the EC2 instance for VPN, then come back to set up SoftEnther?

Please forgive me for these dumb questions. Also thank you so much for all your reply!

[waynelxb]

I tried to update the original code with the code you mentioned "UPDATE 2023-10-13". However, because I am not quite confident to update partial original code with the code "UPDATE 2023-10-13" (I tried but ran into some issues, maybe I did not do it right, it would be great if the complete scripts of "UPDATE 2023-10-13" could be available), so I still try to figure it out with the original code. Thank you so much!

[jaehyeon-kim]

Can you check this link - https://github.com/jaehyeon-kim/flink-demos/blob/master/real-time-streaming-aws/infra/vpn.tf