Install And configure OpenVPN in AWS to secure your Cloud infra
4 min read
Virtual Private Network
A virtual private network extends a private network across a public network and enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network.
OpenVPN is a virtual private network (VPN) system that implements techniques to create secure point-to-point or site-to-site connections in routed or bridged configurations and remote access facilities. It implements both client and server applications.
It Have 3 parts.
Launch the OpenVPN Ec2 instance in AWS
Configure Application in appliance via ssh
Configure Application in web console
Download install and configure OpenVPN client
Test to connect your private instance via OpenVPN.
1. Launch the OpenVPN Ec2 instance in AWS
- First Launch the instance in Ec2 Service page.
- In the ami selection page search openvpn in aws market place and choose first one
- Then continue in the OpenVPN vendor page . It show the cost for all types of instance and ami charge per hour. we will going to use free tier 2 user appliance.
- In the instance type selection page choose which type of instance you want. if you have free tier eligibility choose t2 micro otherwise choose t2 nano.
- Leave the default option for all other settings.
- See in the security group section OpenVPN automatically create the security group for you.
- After that choose a keypair and launch the instance.
2. Configure Application in appliance via ssh
Now we are going to connect our OpenVPN ec2 via ssh and configure the appliance.
- Its asking license agreement give yes
- see here we are using root user to ssh the ec2 instance.
- After that it asking many question .... you just leave the deafulat values hit enter till the end.
- After the configuration you must want login as openvpnas instead of root user.
- Now we are logged in as OpenVPNas (appliance default) user.
- Here we want to change the OpenVPN application user password.for that execute the below command.
- During this its asking password input and verification. so enter two times.
sudo passwd openvpn
- That's all... the shell configuration part is complete now.
after that you can proceed to application configuration part.
3.Configure Application in web console
- Now we are going to access openvpn application in browser for that enter openvpn server public ip in the below format
Its looks like
- Here click advanced and proceed with unsafe.
- Now the we are seen OpenVPN login page . enter the user name as openvpn and password you reset in previous section.
- After login go to configuration and VPN settings.
- Under the route settings enable the below option.
Should client Internet traffic be routed through the VPN?
- Save settings in the bottom of the page then top of the page it shows update running sever select that.
Thats all ...
4. Download install and configure OpenVPN client
Downlaod Openvpn Client and Config file
- Now we are going to download the open VPN client for our OS platform.
For this open the ip with port943 in https protocol.
- Then login with the same credential. If you want login with different user other then OpenVPN user create it in admin console.
4. Download install and configure OpenVPN client-
Here i am using same user for admin and user.
- After login to the user console it shows all the available clients for all the operating systems.
- I am going to download for windows client and configuration files.
Install OpenVPN Client
- After download the windows installer install it.
- Before enable VPN ,I want to check my public IP in browser.
See this is my Public IP:
OpenVPN Client Configuration
- When you open the OpenVPN client.Its asking user agreement. Just click agree and continue.
- After that its shows client in disconnected state.in the bottom of the client it shows one plus symbol just open it.
- In the next screen click file and import downloaded OpenVPN config file.
- And enter the password for the user.
- After that its connected.
- Now we want to check our Public IP in browser.
yea ... now the ip changed.
5. Test to connect your private instance via OpenVPN.
- Now we are going to test our VPN. for that we want to connect any of our ec2 instance that have only accessible by OpenVPN Subnet.
- For that i will change my one of ec2 servers security group .
- Modify the ssh port only accessible by OpenVPN subnet.
- Now connect the server via ssh when disable the OpenVPN client.
- After enable OpenVPN I Have connect the server via ssh.
That's all guys we have successfully install openvpn and configred and tested it correctly.
Did you find this article valuable?
Support Venketraman by becoming a sponsor. Any amount is appreciated!