By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

AWS Client VPN endpoint connection from mobile phone

0

Good Day, I am getting "Authentication Failed" error when attempting to connect to AWS Client VPN endpoint from a mobile device. Based on https://docs.aws.amazon.com/vpn/latest/clientvpn-user/android.html "OpenVPN" client was installed on iphone device and configured with the same configuration profile that works perfectly fine on Desktop with "AWS VPN Client" app. The authentication is configured as federated going against MS Azure AD (SAML), No Client Certificate is being used. In OpenVPN client logs we are getting "AUTH_FAILED Invalid username or password". Is there anything that can be done about this? Thank you, Sergey

Topics
Front-End Web & MobileNetworking & Content Delivery
Tags
Front-End Web & MobileAWS Client VPN
Language
English
Sergey
asked 10 months ago826 views
1 Answer
0
Accepted Answer

AWS Client VPN with SAML based federated access ONLY supports the official AWS Client VPN Software.

You can not use 3rd party VPN Software (open vpn client) if you are using federated access. To use 3rd Party VPN Software, you have to use certificate based authentication.

It is also confirmed here https://docs.aws.amazon.com/vpn/latest/clientvpn-user/linux.html

profile picture
EXPERT
Gary Mclean
answered 10 months ago
profile pictureAWS
EXPERT
Tushar_J
reviewed 10 months ago
profile picture
EXPERT
Sedat Salman
reviewed 10 months ago
  • Sergey
    10 months ago

    I guess I can still use a variation of AWS AD, potentially AWS AD Connector. In our case certificate based authentication is not an option. But I've got the point about the "federated access" part. Thanks

  • Gary Mclean EXPERT
    10 months ago

    Yeah you may have to create an AWS managed AD and then create a trust with your azure ad and use AD auth. 100% I agree, I wouldn’t use certificates. I have in the past but it’s far easier with SAML with azure that I’ve setup in the past. Good luck hope you get to a working solution.

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content