Installation
yum install -y --enablerepo=epel openswan xl2tpd bind
Configure /etc/named.conf and the zone file /var/named/masters/commonidtrust.org (see examples attached).
Configure xl2tpd and Openswan.
chkconfig named on
chkconfig ipsec on
chkconfig xl2tpd on
Recursion is disabled and rate limiting is set at 5 per second. Since there are a total of 3 records, this is basically impossible to use in any form of attack, ever, and it's in a personal account anyway.
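A quick check of the two settings described above, as an added example that is not part of the original notes: the function reads a named.conf on stdin and fails unless `recursion no;` is present and `responses-per-second` is set no higher than the stated limit. The function name and both sample configurations are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit a named.conf (read on stdin) against the stated policy.
# Usage on the server: audit_named_conf 5 < /etc/named.conf
# Simplification: only // and # comments are stripped, /* */ blocks are not.
audit_named_conf() {
    max_rps=${1:-5}
    rc=0
    body=$(sed -e 's://.*::' -e 's:#.*::')
    # "recursion no;" must be present; "allow-recursion" must not satisfy the match.
    if printf '%s\n' "$body" | grep -Eq '(^|[[:space:];{])recursion[[:space:]]+no[[:space:]]*;'; then
        echo "OK   recursion no"
    else
        echo "FAIL recursion is not explicitly disabled"
        rc=1
    fi
    # Take the first responses-per-second value found in the active config.
    rps=$(printf '%s\n' "$body" |
        sed -n 's/.*responses-per-second[[:space:]]\{1,\}\([0-9]\{1,\}\)[[:space:]]*;.*/\1/p' |
        head -n 1)
    if [ -z "$rps" ]; then
        echo "FAIL no rate-limit responses-per-second set"
        rc=1
    elif [ "$rps" -eq 0 ] || [ "$rps" -gt "$max_rps" ]; then
        echo "FAIL responses-per-second $rps (want 1..$max_rps)"
        rc=1
    else
        echo "OK   responses-per-second $rps"
    fi
    return "$rc"
}

# Constructed sample configurations (not the attached files).
SAMPLE_HARDENED='options {
    directory "/var/named";
    recursion no;                      // authoritative only
    rate-limit { responses-per-second 5; };
};'
SAMPLE_OPEN='options {
    directory "/var/named";
    allow-recursion { any; };
    # rate-limit { responses-per-second 5; };
};'

printf '%s\n' "$SAMPLE_HARDENED" | audit_named_conf 5
printf '%s\n' "$SAMPLE_OPEN" | audit_named_conf 5 || true
```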
Logging
named logs to /var/log/messages
Start/Stop Commands
/etc/init.d/named start
/etc/init.d/named stop
This is configured to serve up the A and/or CNAME records for account.commonidtrust.org, helpdesk.commonidtrust.org, and login.commonidtrust.org for the specific VPC environment.
VPN Docs:
pretty much just stole http://www.stormacq.com/build-a-private-vpn-server-on-amazons-ec2/