User VPN Flashcards
5 principles of Aviatrix User VPN
1 - Connect users to public cloud resources
2 - Cloud native (not backhaul to on-prem DC first)
3 - Least latency access
4 - enterprise grade: identity provider integration
5 - multi-cloud repeatability
What clients are supported with Aviatrix User VPN
OpenVPN
Aviatrix VPN
Aviatrix VPN client is preferred when?
- Client has macOS, Windows, Linux or BSD
- require SAML authentication directly from VPN client software
Aviatrix User VPN Automates …..
Launch cloud native loadbalancer
automate target groups to attach VPN gateways to LB
domain name of the vpn endpoint
connection IP created for .ovpn cert file to provide to clients
seamless relaunch of VPN gateways after deletion without reissuing new .ovpn files (same IP)
A profile can be __________ with multiple users
associated
a user can be _________ with multiple profiles
associated
security based on user not _______
source IP
supports _______ profiles
multiple
__________ firewall rules
Automates
Geo VPN usage:
dynamically route VPN users to nearest Aviatrix VPN gateway based upon latency between user and gateways
users directed to AWS Route 53/Azure DNS that uses latency based routing policy OR choose between available regions
Default User VPN CIDR Block
192.168.43.0/24
Client Certificate Sharing facets
Disabled by default
Multiple users share same ovpn file
only used when authenticating with IDP
controller sees individual users, maintains history
How to preserve Client IP
VPN NAT must be disabled
VPN CIDRs must be advertised to transit for return traffic
PBR stands for?
Policy Based Routing
Reasons to use PBR Routing
Route VPN traffic via different gateway
anonymous web surfing
backhauling user traffic to cloud firewalls