← Back to Labs
Advanced01:00:00

How to setup a free VPN server in AWS

Task 1Task 2Task 3Task 4Task 5Task 6Task 7
Task 1

Task 1: Sign in to the AWS Management Console

↑ Top
  1. Click on the Open Console button, and you will get redirected to AWS Console in a new browser tab.
  2. On the AWS sign-in page, Leave the Account ID as default. Never edit/remove the 12-digit Account ID present in the AWS Console. Otherwise, you cannot proceed with the lab. Now copy your User Name and Password in the Lab Console to the IAM Username and Password in the AWS Console and click on the Sign-in button.
  3. On the AWS sign-in page,
  4. Leave the Account ID as default. Never edit/remove the 12-digit Account ID present in the AWS Console. Otherwise, you cannot proceed with the lab.
  5. Now copy your User Name and Password in the Lab Console to the IAM Username and Password in the AWS Console and click on the Sign-in button.
  6. Once Signed In to the AWS Management Console, make the default AWS Region as US East (N. Virginia) us-east-1.
Task 2

Task 2: Launching an EC2 Instance

↑ Top
  1. In this task, we are going to create and launch an EC2 Instance with the required configurations.
  2. Make sure you are in the N.Virginia Region.
  3. Navigate to EC2 by clicking on the Services menu at the top, then click on EC2 under Compute section.
  4. Navigate to Instances on the left panel and click on the Launch Instances button.
  5. Enter Name as MyVPNServer
  6. Choose an Amazon Machine Image (AMI): Click on Browse more AMIs.
  7. Choose an Amazon Machine Image (AMI):
  8. Click on Browse more AMIs.
  9. Task 2: Launching an EC2 Instance
  10. Search for Openvpn in the search box.
  11. Click on the Select button of the OpenVPN Access Server
  12. Task 2: Launching an EC2 Instance
  13. Click on subscribe now.
  14. Click on the Continue button in the popup window.
  15. Choose an Instance Type: Enter t2.micro
  16. Task 2: Launching an EC2 Instance
  17. Note: Make sure only t2.micro is selected, Else it won't be allowed to launch the EC2 Instance.
  18. Key Pair: Choose Create a new key Pair hyperlink.
  19. Key pair name: Enter MyVPNKey
  20. Key Pair Type: Select RSA
  21. Private key file format: Select .pem
  22. Click on the Create key pair button to download the key to your local machine.
  23. Under Network Settings:
  24. The following ports will be automatically enabled :
  25. Now click on the Launch Instances button.
  26. Launching a VPN Server may take a few minutes, you may see a message saying that the Subscription may take an hour to complete.
  27. Scroll down and click on View Instances or click to navigate to the instance page
  28. Launch Status: Your instance is now launching, wait for the complete initialization of the instance till the status changes to Running.
  29. Task 2: Launching an EC2 Instance
  30. Now click on the instance ID and copy the IPv4 Public IP of this instance and place it in your text editor.
  31. Task 2: Launching an EC2 Instance
Task 3

Task 3: SSH into EC2 Instance

↑ Top
  1. Please note, that the username is root. Change the hostname or username to openvpnas.
  2. Please follow the steps to SSH into EC2 Instance.
  3. Task 3: SSH into EC2 Instance
Task 4

Task 4: Initialize the VPN Server

↑ Top
  1. Please enter 'yes' to indicate your argument [no]: Enter yes
  2. Will this be the primary Access Server node? Press ENTER for default [yes]: Click the [enter] button.
  3. Will this be the primary Access Server node?
  4. Press ENTER for default [yes]: Click the [enter] button.
  5. Please specify the network interface and IP address to be Press Enter for default [1]: Click the [enter] button.
  6. Please specify the network interface and IP address to be
  7. Press Enter for default [1]: Click the [enter] button.
  8. What public/private type/algorithms do you want to use for the OpenVPN CA? Press ENTER for default [rsa]: Click the [enter] button.
  9. What public/private type/algorithms do you want to use for the OpenVPN CA?
  10. Press ENTER for default [rsa]: Click the [enter] button.
  11. What key size do you want to use for the certificates? Press ENTER for default [2048]: Click the [enter] button.
  12. What key size do you want to use for the certificates?
  13. Press ENTER for default [2048]: Click the [enter] button.
  14. What public/private type/algorithms do you want to use for the self-signed web certificate? Press ENTER for default [rsa]: Click the [enter] button.
  15. What public/private type/algorithms do you want to use for the self-signed web certificate?
  16. Press ENTER for default [rsa]: Click the [enter] button.
  17. What key size do you want to use for the certificates? Press ENTER for default [2048]: Click the [enter] button.
  18. What key size do you want to use for the certificates?
  19. Press ENTER for default [2048]: Click the [enter] button.
  20. Please specify the port number for the Admin Web UI. Press ENTER for default [943]: Click the [enter] button.
  21. Please specify the port number for the Admin Web UI.
  22. Press ENTER for default [943]: Click the [enter] button.
  23. Please specify the TCP port number for the OpenVPN Daemon Press ENTER for default [443]: Click the [enter] button.
  24. Please specify the TCP port number for the OpenVPN Daemon
  25. Press ENTER for default [443]: Click the [enter] button.
  26. Should client traffic be routed by default through the VPN? Press ENTER for default [no]: Click the [enter] button.
  27. Should client traffic be routed by default through the VPN?
  28. Press ENTER for default [no]: Click the [enter] button.
  29. Should client DNS traffic be routed by default through the VPN? Press ENTER for default [no]: Click the [enter] button.
  30. Should client DNS traffic be routed by default through the VPN?
  31. Press ENTER for default [no]: Click the [enter] button.
  32. Should private subnets be accessible to clients by default? Press ENTER for default [yes]: Click the [enter] button.
  33. Should private subnets be accessible to clients by default?
  34. Press ENTER for default [yes]: Click the [enter] button.
  35. Do you wish to log in to the Admin UI as "openvpn"? Press ENTER for default [yes]: Click the [enter] button. Type a password for the 'openvpn' account: Enter Whizvpn123@ and press [enter] and then enter the same password to confirm the password.
  36. Do you wish to log in to the Admin UI as "openvpn"?
  37. Press ENTER for default [yes]: Click the [enter] button.
  38. Type a password for the 'openvpn' account: Enter Whizvpn123@ and press [enter] and then enter the same password to confirm the password.
  39. Please specify your Activation key (or leave blank to specify later): Click the [enter] button.
  40. Task 4: Initialize the VPN Server
  41. Now login as administrator, open Google Chrome and paste the following URL Syntax : https://<IPv4 Public IP>:943/admin/ Example: https://3.239.61.27:943/admin/ Now you will get a Warning message Your connection isn't private, this is because we are not using any SSL certificate for this connection.
  42. Now login as administrator, open Google Chrome and paste the following URL
  43. Syntax : https://<IPv4 Public IP>:943/admin/
  44. Example: https://3.239.61.27:943/admin/
  45. Now you will get a Warning message Your connection isn't private, this is because we are not using any SSL certificate for this connection.
  46. Task 4: Initialize the VPN Server
  47. Click on the Advanced Button and see if you have a proceed to website option then click on the link.
  48. If you see the below message instead, then type thisisunsafe on the keyboard and the page will automatically reload.
  49. Task 4: Initialize the VPN Server
  50. You will see a login page like this :
  51. Task 4: Initialize the VPN Server
  52. Login to the VPN Admin page : Username: Enter openvpn Password: Enter Whizvpn123@ Now click on the Sign in button.
  53. Login to the VPN Admin page :
  54. Username: Enter openvpn
  55. Password: Enter Whizvpn123@
  56. Now click on the Sign in button.
  57. Now On the License Agreement page click on the Agree button.
  58. Click on the VPN Server option in the left-side menu.
  59. To make sure all the internet traffic goes through the VPN, Under Network Settings Under Interface, make sure you have selected All Interfaces, if not select All Interfaces and click Save on the right corner.
  60. To make sure all the internet traffic goes through the VPN, Under Network Settings
  61. Under Interface, make sure you have selected All Interfaces, if not select All Interfaces and click Save on the right corner.
  62. Task 4: Initialize the VPN Server
Task 5

Task 5: Connect to the VPN

↑ Top
  1. Open a new tab in the Google Chrome browser.
  2. Paste the url https://<IPv4 Public IP>/ Example : https://100.26.97.202/
  3. Login to the VPN User Page : Username: Enter openvpn Password: Enter Whizvpn123@ Now click on the Sign in button.
  4. Login to the VPN User Page :
  5. Username: Enter openvpn
  6. Password: Enter Whizvpn123@
  7. Now click on the Sign in button.
  8. Now, based on which operating system you are using, download the VPN connector and install it on your local machine.
  9. Open the OpenVPNConnector application and if you see Onboarding Tour, just close it.
  10. Now again, agree to the terms and conditions.
  11. You will be able to see a pre-configured VPN profile, turn on this connection.
  12. Task 5: Connect to the VPN
  13. Now again enter the username and password. Username: Enter openvpn Password: Enter Whizvpn123@ Click on the OK button.
  14. Now again enter the username and password.
  15. Username: Enter openvpn
  16. Password: Enter Whizvpn123@
  17. Click on the OK button.
  18. Now you are connected to the VPN
  19. Task 5: Connect to the VPN
  20. Now you can start browsing using a VPN connection.
  21. OpenVPN is widely used and trusted by organizations and individuals worldwide for its robust security features, including encryption, authentication, and data integrity. It provides a flexible and scalable solution for establishing secure connections, making it suitable for various use cases, such as remote access to corporate networks, securing public Wi-Fi connections, and creating secure communication channels between different cloud environments.
Task 6

Task 6: Validation Test

↑ Top
  1. Once the lab steps are completed, please click on the Validation button on the left side panel.
  2. This will validate the resources in the AWS account and display whether you have completed this lab successfully or not.
  3. Sample output :
  4. Task 6: Validation Test
Task 7

Task 7: Delete AWS Resources

↑ Top
  1. Make sure you are in the US East (N. Virginia) Region.
  2. Navigate to EC2 by clicking on the Services menu at the top, then click on EC2 under Compute section.
  3. Now Select the EC2 instance that you have created, click on Instance State, and click on the Terminate instance option.
  4. Click on the Terminate button and your EC2 will start terminating.
  5. You have successfully created and launched the Amazon EC2 Instance.
  6. You have successfully logged into an EC2 instance by SSH.
  7. You have successfully Initialized the VPN Server.
  8. You have successfully connected to the VPN.
  9. Sign out of AWS Account.
  10. You have successfully completed the lab.
  11. Once you have completed the steps, click on End Lab from your lab lab console and wait till the process is completed
← Back to Labs