This is PoC to connect to the AWS Client VPN with OSS OpenVPN using SAML authentication. Tested on macOS and Linux, should also work on other POSIX OS with a minor changes.
See my blog post for the implementation details.
- openvpn-v2.4.9-aws.patch - patch required to build AWS compatible OpenVPN v2.4.9, based on the AWS source code (thanks to @heprotecbuthealsoattac) for the link.
- server.go - Go server to listed on http://127.0.0.1:35001 and save SAML Post data to the file
- aws-connect.sh - bash wrapper to run OpenVPN. It runs OpenVPN first time to get SAML Redirect and open browser and second time with actual SAML response
- Build patched openvpn version and put it to the folder with a script
- Start HTTP server with
go run server.go - Set VPN_HOST in the aws-connect.sh
- Replace CA section in the sample vpn.conf with one from your AWS configuration
- Finally run
aws-connect.shto connect to the AWS.
Better integrate SAML HTTP server with a script or rewrite everything on golang