Compatible clients for AWS client vpn

does anyone know of any clients or compatible with AWS client VPN? aside from the official client that is.

some of our users are unhappy with the Amazon provided one, and want to try alternative options. we use SSO through Google, and that seems to be the hard part to support in an alternative client.

The OpenVPN client is supported but doesn’t work for SAML auth. AWS VPN client is your only option for SAML auth unfortunately.

We had the same issues you described. We tried:

  • The official AWS Client
  • Tunneblick Client
  • OpenVPN Client

As mentioned, SSO only works through the AWS client. Because of this and other reasons, we ended up ditching AWS VPN altogether and switched to Tailscale. Haven’t looked back since.

vase engine deliver spoon long point dolls scandalous six busy

This post was mass deleted and anonymized with Redact

Here is a comment from the Viscosity forum:

To support the larger SAML authentication messages they appear to have patched OpenVPN to significantly expand OpenVPN’s control channel message size.

The reason why OpenVPN uses such a small size limit in the first place is to avoid potential MTU issues. By simply increasing the size like Amazon have (assuming the patch file and my reading of it is accurate), they’re relying on the packets to be correctly fragmented. However on setups with broken PMTUD (roughly 10% of internet connections) this approach will likely result in a hung connection attempt that eventually times out.

The good news is that OpenVPN 2.5 adds offical SSO/SAML support, which is something that Viscosity will support in version 1.10. My recommendation would be to suggest to Amazon to adopt OpenVPN’s offical support for SSO/SAML so Viscosity (and other OpenVPN clients) will be able to work with their service.