I’m using AWS infrastructure and have 2 VPN solutions. The first one is a VPN endpoint: using the AWS VPN client, I connect to my VPC. To connect to Mongo Atlas I needed to create a new VPC endpoint, and it works, but it created a new URI to access the database. The second VPN uses FortiGate with VPN peering to AWS, and it accesses Mongo Atlas with peering.
The issue currently is having 2 URIs for the same database, which makes programmatic problems for the developers.
Right now, the AWS VPN can only access one URI and not the other, and the same with Forti. How can I make them share the same URI, with access no matter which VPN I’m using?
I tried to open a ticket with Mongo about the issue and the answer was that it is not possible to get one URI for both ways. I’m trying to solve it with the AWS network. Does anyone have any idea how I can direct the AWS VPN to Mongo Atlas with peering?
You cannot. Honestly the developers need to just deal with it. There are numerous patterns for using an “if dev go here, if prod go there” pattern… or they could try connecting to one and fail to the other in series.
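The "try one, then fail over to the other" idea from the reply above, as an added example that is not part of the original thread. The hostnames, credentials and function names are constructed placeholders; it assumes standard `mongodb://` URIs with an explicit host list, and the TCP probe can be swapped for a driver-level ping.

```python
import socket
from urllib.parse import urlsplit

# Constructed placeholder URIs: one per network path (VPC endpoint, peering).
CANDIDATE_URIS = [
    "mongodb://app_user:EXAMPLE_PW@atlas-privatelink.example.invalid:27017/appdb",
    "mongodb://app_user:EXAMPLE_PW@atlas-peering.example.invalid:27017/appdb",
]

def redact(uri):
    """Return the URI with the user:password part masked, safe for logs."""
    parts = urlsplit(uri)
    if "@" not in parts.netloc:
        return uri
    hosts = parts.netloc.rsplit("@", 1)[1]
    return parts._replace(netloc="***@" + hosts).geturl()

def first_host(uri, default_port=27017):
    """Extract (host, port) of the first seed host in the URI."""
    hosts = urlsplit(uri).netloc.rsplit("@", 1)[-1]
    name, _, port = hosts.split(",")[0].partition(":")
    return name, int(port) if port else default_port

def tcp_probe(uri, timeout=2.0):
    """Cheap reachability check: can we open a TCP connection to the seed host?"""
    try:
        with socket.create_connection(first_host(uri), timeout=timeout):
            return True
    except OSError:
        return False

def pick_reachable_uri(candidates, probe=tcp_probe):
    """Try each URI in order and return the first one the probe accepts."""
    tried = []
    for uri in candidates:
        if probe(uri):
            return uri
        tried.append(redact(uri))  # never put credentials in the error text
    raise ConnectionError("no MongoDB URI reachable; tried: " + ", ".join(tried))
```

A short probe timeout keeps the wrong-VPN case from stalling application start-up, and the redaction keeps the database password out of logs when both paths fail.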
It’s easy, but it’s a different approach. You need to create a VPN peer connection between AWS and MongoDB via the AWS and Atlas UIs. And I mean the AWS private network; you can use a public network, but in AWS it’s not welcome and for some services impossible. Once you connect the two VPCs, AWS has full access to Atlas.
Then you launch an EC2 instance, a free tier one, I think t2 type, in the AWS public network. So for this part you don’t pay anything.
Then you install OpenVPN from the marketplace, which costs $50-$80 per month for 5 users, I believe. I think the best way is to install OpenVPN from the AWS Marketplace with an EC2 image. You can find lots of videos on YouTube.
Then you connect to this server and have access to both networks at the same time. It’s easy to debug something from your Mac or Windows and have full access to it.
That’s it. The cost is AWS Marketplace $50-$80 + Atlas peer link $100, so under $200, and you can scale up to 5 people easily; if you need more people, just buy a bigger OpenVPN license.
Because people sometimes have issues with Forti, I tried to create alternatives. The AWS VPN is a backup VPN for when people have issues with the Forti.
I’m not sure I understand the solution you gave me here. I have 2 VPCs with VPC peering and a peer to Mongo Atlas that works when I’m using Forti. The issue is that the AWS VPN works differently than the Forti.
Well, I’m an AWS guy) so I have no clue what Forti can do, but if I remember right the Forti client doesn’t work with AWS VPN. At least, last time it didn’t work when I worked with it. Also, VPN clients can’t always work with all VPN servers because they come as a pair, and it’s extremely hard to configure and make it work.