Note that on this platform, request headers pass from the client through the AWS Network Load Balancer and the ingress controller unchanged, except that the client IP address is added to the values of the X-Forwarded-For and X-Real-IP headers.
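Because client-supplied headers pass through unchanged, any X-Forwarded-For value the client sent is still present when the platform adds the real address. The following added example (not Ping Identity code) selects the entry added by the platform instead of the first entry; it assumes the address is appended at the right, as is the usual X-Forwarded-For convention, and `TRUSTED_HOPS` is a hypothetical setting to confirm for your deployment.

```python
import ipaddress

# Assumption: how many trusted proxies append to X-Forwarded-For before the
# request reaches the application. Hypothetical value; confirm per deployment.
TRUSTED_HOPS = 1


def split_xff(header_values):
    """Flatten one or more X-Forwarded-For header lines into a list of entries."""
    entries = []
    for value in header_values:
        entries.extend(part.strip() for part in value.split(","))
    return [e for e in entries if e]


def naive_client_ip(header_values):
    """Leftmost entry: whatever the client chose to send. Shown for contrast."""
    entries = split_xff(header_values)
    return entries[0] if entries else None


def trusted_client_ip(header_values, trusted_hops=TRUSTED_HOPS):
    """Entry written by the outermost trusted proxy, counted from the right.

    Returns None when the header is missing, too short, or the selected
    entry is not a valid IPv4/IPv6 address, so callers can fail closed.
    """
    entries = split_xff(header_values)
    if trusted_hops < 1 or len(entries) < trusted_hops:
        return None
    try:
        return str(ipaddress.ip_address(entries[-trusted_hops]))
    except ValueError:
        return None


# Constructed sample: the client sent its own X-Forwarded-For value
# ("10.0.0.1") and the platform added the real address after it.
SPOOFED = ["10.0.0.1, 198.51.100.23"]
# Constructed sample: no client-supplied value, only the added address.
CLEAN = ["198.51.100.23"]

if __name__ == "__main__":
    for sample in (SPOOFED, CLEAN):
        print(sample, "naive:", naive_client_ip(sample),
              "trusted:", trusted_client_ip(sample))
```

Use the trusted value for rate limiting, audit logging, and IP-based policy decisions, and treat a `None` result as an unidentified client.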

Work with your Ping Identity partners to determine which option is right for you.

  • The Internet Only option allows you to access your on-premises and cloud-based resources using the public internet. With this option, you can access all the internal URLs listed for Simple VPN.

    You can also connect to on-premises directories for authentication purposes, but you do not have access to the PingOne Advanced Services LDAP endpoint.

  • The Simple Network option offers secure connectivity between your resources in on-premises, AWS, or third-party cloud environments. There are two types of simple network. They are not mutually exclusive, so you can use both at the same time if appropriate.
    • Simple VPN: Simple VPN networking supports a wide range of protocols, such as LDAPS and HTTPS, to connect to your resources, including Oracle, Active Directory, and LDAP. The VPN connection will also support REST and some custom protocols in your network.

      With the Simple VPN, you will need to provide a /24 CIDR block from your RFC1918 IP space for the VPN landing zone. All of the PingOne Advanced Services private endpoints that you connect to will be within the specified IP range in your AWS account.

    • PrivateLink: If you have your own AWS instances that you can connect to, AWS PrivateLink might be the right option for you. AWS PrivateLink provides private connectivity between virtual private clouds (VPCs), supported AWS services, and your on-premises networks without exposing your traffic to the public internet.

      With PrivateLink, IP space is hosted within your AWS Virtual Private Cloud (VPC).

    Kerberos and RADIUS are not currently supported for either type of simple network.
  • The Advanced Network option is designed for the most sophisticated networking needs. You connect to your on-premises and cloud-based environments using a secure, private connection, and there is no limit to the number of connections you can have.

    This option also supports all protocols, which allows you to design a network that meets the unique needs of your organization.