GreenPages Blog


Setting Up a VPN Between Your Home Lab and AWS - Walk Through

Written by Chris Williams, Enterprise Consultant



I wanted to set up a VPN connection between my homelab (which is now running a Ubiquiti Networks – UniFi Security Gateway) and AWS, but there wasn’t a lot of good information on the how-to of said endeavor out there. So… fodder for a new article!

Phase 1 – Create a new test VPC with a VPN

I’m going to tear this down a few times to play with the nuts and bolts, so for the purposes of this article I’m just going to use the auto-created “VPC + VPN” option from the Start VPC Wizard console:


Make sure the CIDR block range you choose doesn’t conflict with any ranges you are currently using:


Set routing type to static and add any local CIDR ranges that you want visible to/from the VPC:

Once it’s up, you’ll have the information necessary to start Phase 2.


Also, make sure you download a Platform Generic Configuration so that you can get a copy of your pre-shared key:
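The range checks from Phase 1 can be run before the VPC is created. The following is an added example, not part of the original article; the function name `check_vpc_plan` and the sample ranges are assumptions made for illustration.

```python
import ipaddress

# RFC 1918 private ranges, the usual home for a VPC block.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def check_vpc_plan(vpc_cidr, in_use_cidrs):
    """Return a list of problems with a proposed VPC CIDR (empty list = OK)."""
    try:
        # strict=True rejects typos such as 10.0.0.1/16 (host bits set).
        vpc = ipaddress.ip_network(vpc_cidr, strict=True)
    except ValueError as exc:
        return [f"VPC block invalid: {exc}"]
    if vpc.version != 4:
        return [f"{vpc}: only IPv4 blocks are checked here"]

    problems = []
    # AWS only accepts IPv4 VPC blocks sized /16 through /28.
    if not 16 <= vpc.prefixlen <= 28:
        problems.append(f"{vpc}: AWS requires a prefix between /16 and /28")
    if not any(vpc.subnet_of(r) for r in RFC1918):
        problems.append(f"{vpc}: outside RFC 1918 private space")

    for cidr in in_use_cidrs:
        try:
            net = ipaddress.ip_network(cidr, strict=True)
        except ValueError as exc:
            problems.append(f"in-use range invalid: {exc}")
            continue
        # Overlap in either direction makes routing over the tunnel ambiguous.
        if vpc.overlaps(net):
            problems.append(f"{vpc} overlaps in-use range {net}")
    return problems

if __name__ == "__main__":
    # Constructed sample values, not taken from the article.
    home = ["192.168.1.0/24", "192.168.10.0/24"]
    for candidate in ("192.168.0.0/16", "10.0.0.0/8", "10.50.0.0/16"):
        print(candidate, check_vpc_plan(candidate, home) or "OK")
```

Pass every range already routed at home (LAN, guest network, other VPNs) as `in_use_cidrs`; the same ranges are the ones entered as static routes on the AWS side.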


Phase 2 – Prepare homelab to connect with the newly created VPG

Log into the USG console, go to Settings -> Networks and click “Create New Network”:

Input the information in the appropriate fields, and make sure you open Advanced Options and modify those as well (I had to change my DH group and turn off Dynamic Routing):


You will also need to add a new route so that your USG knows where to push AWS traffic. Click on Routing & Firewall -> Create New Route & fill in the info:


I created a little T2 micro in the VPC so that I could test. This is the result from my laptop (in the home network):


And then I ssh’d into the t2 and performed the same steps for my home network:


Once I confirmed that my environment was able to see everything that I wanted it to, I went back to the AWS console and confirmed that 1 of the 2 tunnels was up (I didn’t establish both VPN tunnels, so this is expected):

Anyway, I hope this helps anyone else who might have been struggling with getting this set up! Ping me back if you run into any other issues that I might have missed.


About Chris:

Chris Williams (@mistwire) works as an Enterprise Cloud Consultant for GreenPages, helping customers design the next generation of Public & Private Cloud, specializing in AWS and VMware. He also blogs about virtualization, technology and design at  He is an active community member, helping to run VTUG, AWS-PUG and contributes to vBrownBag. Chris’ list o’ letters: AWS-PSA, VCIX6, VCAP5-DCD, VCAP5-DCA, VCP4-6, MCSE, ITILv3, and an old, crusty expired CCNA.
