Setup AWS VPN using OpenVPN AMI

OpenVPN offers OpenVPN Access Server AMIs on AWS Marketplace, which you can use to establish VPN connections to your AWS VPC. There are several versions, based on the number of connected devices you need.

OpenVPN Access Server does not charge extra if you only need up to 2 connected devices. Make sure you select the right AMI. This guide will use the free OpenVPN Access Server + t2.micro (Free tier eligible). That means it’s completely free if you are eligible for free tier.

Launch Instance

  • go to EC2 Dashboard
  • click Launch instance
  • select AWS Marketplace
  • search for OpenVPN
  • select OpenVPN Access Server
  • click Continue on OpenVPN Access Server screen
  • choose t2.micro (Free tier eligible) as Instance Type
  • click Next: Configure Instance Details

At Step 3: Configure Instance Details, use the defaults or select your preferred VPC and subnet. Just make sure Auto-assign Public IP is enabled, then click Next: Add Storage.

  • At Step 4, select General Purpose SSD (gp2) as the Volume Type
  • click Next: Add Tags
  • At Step 5, you can add tags for identification.
  • then click Next: Configure Security Group

At Step 6: Configure Security Group, let AWS create a new security group for us.

  • click Review and Launch
  • Review the configuration and click Launch on Review Instance Launch screen
  • You need a key pair to log in to the instance for some configuration steps. Select Create a new key pair
  • enter key pair name (e.g. ec2-ssh-login)
  • click Download Key Pair
  • click Launch Instances

Once the instance launch is initiated:

  • click on View Instances (at the bottom right)
  • select the new instance and identify Public IP address
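
With the instance running, it is worth checking what the security group created at Step 6 exposes. The following is an added example, not part of the original guide: it reads security group data in the shape returned by `aws ec2 describe-security-groups` and lists management ports that are reachable from any address. The port list assumes the Access Server defaults, and the group ID and addresses in the sample are constructed.

```python
# Added example: flag management ports that a security group opens to everyone.
# Assumption: Access Server default ports. 443/tcp and 1194/udp carry client
# traffic and stay public; 22, 943 and 945 are management ports. The web UI
# may also be served through 443, which this check does not cover.
MGMT_PORTS = {22: "SSH", 943: "web UI", 945: "clustering"}
WORLD = {"0.0.0.0/0", "::/0"}


def world_open_mgmt_ports(describe_output):
    """Return sorted (group_id, port, label) for management ports open to any address."""
    findings = set()
    for sg in describe_output.get("SecurityGroups", []):
        for perm in sg.get("IpPermissions", []):
            proto = perm.get("IpProtocol")
            if proto not in ("tcp", "-1"):
                continue  # UDP/ICMP rules cannot expose these TCP services
            cidrs = {r["CidrIp"] for r in perm.get("IpRanges", [])}
            cidrs |= {r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])}
            if not cidrs & WORLD:
                continue
            # IpProtocol "-1" means every protocol and port; no FromPort/ToPort.
            lo, hi = (0, 65535) if proto == "-1" else (perm["FromPort"], perm["ToPort"])
            for port, label in MGMT_PORTS.items():
                if lo <= port <= hi:
                    findings.add((sg["GroupId"], port, label))
    return sorted(findings)


def _rule(proto, port, cidr):
    """Build one ingress rule in the shape describe-security-groups returns."""
    return {"IpProtocol": proto, "FromPort": port, "ToPort": port,
            "IpRanges": [{"CidrIp": cidr}], "Ipv6Ranges": []}


# Constructed sample: group ID and addresses are placeholders, not real values.
SAMPLE = {"SecurityGroups": [{
    "GroupId": "sg-0123456789abcdef0",
    "IpPermissions": [
        _rule("tcp", 22, "0.0.0.0/0"),
        _rule("tcp", 443, "0.0.0.0/0"),
        _rule("tcp", 943, "0.0.0.0/0"),
        _rule("tcp", 945, "203.0.113.10/32"),
        _rule("udp", 1194, "0.0.0.0/0"),
    ],
}]}

if __name__ == "__main__":
    for gid, port, label in world_open_mgmt_ports(SAMPLE):
        print(f"{gid}: tcp/{port} ({label}) is open to the internet")
```

To check a real group, save the output of `aws ec2 describe-security-groups --group-ids <sg-id>`, load it with `json.load`, and pass the result to `world_open_mgmt_ports`. Any port it reports can be restricted to your own address in the group's inbound rules.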

Activate OpenVPN Access Server

We will use the downloaded key pair file to log in to the machine over SSH. Make sure you are the only user who has permission to access the file; otherwise, ssh will refuse to use it.

 ssh -i ec2-ssh-login.pem openvpnas@<public-ip-address>

Read the agreement. If you agree, enter yes and press Enter.


You will then be asked a series of questions to set up the initial configuration. You can press Enter at each one to accept the default settings. Once that’s all done, you are in.


Next we need to connect to the admin port. To do that, we need a password for the user openvpn. Use the following command to set your password:

sudo passwd openvpn

Setup OpenVPN client connection

Use a browser and navigate to the instance using https:

https://<openvpn-instance-ip-address>
  • sign in using user openvpn’s credentials

Select the correct platform and download the OpenVPN Connect software. After the download, install it.

In my case it’s on Windows; simply follow the steps to complete the installation.


Run it, and go through or skip the Tour. Then click Agree if you agree with the Data Collection, Use and Retention notice.


Click OK on the compression notice.


The OpenVPN profile should already be set up and ready to go. Click on the switch to log in using your credentials:


Awesome. You are now connected to AWS using OpenVPN.
