How to setup own VPN Server (OpenVPN) for Personal Use based on Amazon EC2 (Free)

How to setup own VPN Server (OpenVPN) for Personal Use based on Amazon EC2 (Free)

Why do we need to have our own VPN Server? What benefits out of it?

·        No restrictions on internet access when working in LAN

·        100% secure since its own server

·        Reliable, because we are going to setup our VPN server on AWS.

·        Secure traffic between my computer to the VPN server. No 3^rd party can access into my traffic

·        Anonymous internet access

Pre-requisites:

·        Create an AWS account and login to the AWS console.

·        Knowledge on Amazon EC2

o   Create a ubuntu 18.0 instance (VPS)

o   Manage security groups

o   Create and assign elastic ip (static IP) to the newly created instance.

Why we go with Amazon EC2?

·        Easy to manage the server,

·        1 Year free. Pay-as-you go after a year.

·        Reasonable cost.

·        Reliable

Server Spec:

·        Amazon EC2 Ubuntu 18.02 64bit

·        OpenVPN Software Packages

Limitations:

·        Unlicensed OpenVPN allow only 2 connections at a time. (No limitations in traffic or functionality)

·        1 year free for Amazon EC2 then pay-as-you-go (Cost factor)

Steps:

1)     Create account on Amazon. https://aws.amazon.com/premiumsupport/knowledge-center/create-and-activate-aws-account/

2)     Create a ubuntu 18.0 instance (VPS) (select)

a)    Go “EC2”

b)    Go “Instances” >> “Launch Instance”

c)     Select “Ubuntu Server 18.04 LTS (HVM), SSD Volume Type “ (free-tier)

d)    Select “General Purpose t2.micro (free-tire)”

e)     Next (nothing to change)

f)       Add Storage (nothing to change)

g)     Add Tags >> Add Tag >> Key = “Name” | Value=”MyVPN”

h)     Configure Security groups

i)       Tick “Create a new security group”

ii)      Give name to “Security group name” as “My VPN”

iii)     “Description” as <anything you like>

iv)    Add Rules

(1)   Inbound:

(a)  SSH | 22 | Source: AnyWhere

(b)  Custom TCP | 943 | Source:AnyWhere

(c)  Custom UDP | 1194 | Source:AnyWhere

(d)  HTTPS | TCP | 443 | Source:AnyWhere

(2)   Outbound: All Traffic

i)       Review & Launch

j)       Launch

k)     Create a new Kay Pair

i)       Create a new or use your existing security key pair to SSH in to the VPS

ii)      Download Key pair and save in secure place

iii)     Launch Instance

l)       View instances

m)   Let’s create a static IP and assign it to the newly created instance.

i)       GO “Elastic IPs” under “NETWORK & SECURITY”

ii)      “allocate a new address”

iii)     “allocate” & “close”

iv)    Select new IP and go “Actions” >> “Associate Address”

v)     Select your newly created instance and its private IP

vi)    NOTE: YOU MAY CHARGE BY AWS IF YOU DO NOT ASSIGN A CREATED ELASTIC IP ADDRESS TO ANY INSTANCE AS PENALTY FOR KEEPING A STATIC IP WITHOUT USE!!!

vii)   “Associate” & “Close”

viii)  Its Done… You have created a AWS VPS for free (1 year)

3)     SSH to server:

a)    Go “Instances” and select your “MyVPN” instance.

b)    At bottom you will see the information of the VPS and copy the IPv4 Public IP to SSH it.

c)     Credentials to SSH:

i)       Server IP: Assigned elastic IP to the VPS

ii)      User: ubuntu

iii)     Password: <use created key pass .pem file>

4)     SSH using putty.

a)    Download putty if you don’t have from https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html

b)    Open “PuttyGen” to create PKP file using pem file (one-time process, ignore if you already done this earlier)

c)     “Load” download PEM file

d)    “Save private key” without a passphase

e)     Close “puttygen”

f)       Open “Putty”

g)     Hostname: “ubuntu@<server static IP>”

h)     Connections>>SSH>>AUTH>> Browse and attached generated PPK file using PuttyGen.

i)       Click “Open”

j)       Click “Yes”

k)     Yes now you connected to the server using SSH

l)       Done

5)     Run this command on the server:

$        Sudo su

$        apt-get update

$        apt-get install net-tools wget

$        apt-get install ntp

$        dpkg-reconfigure tzdata

6)     Download OpenVPN package

a)    Visit: https://openvpn.net/vpn-software-packages/

b)    Select “Ubuntu” since we created a ubuntu instance. If not go for appropriate OS pack

c)     Right click on the desired download label and “Copy link address”

d)    Go back to SSH

7)     Install OPenVPN in new server

$        cd ~

$        wget https://openvpn.net/downloads/openvpn-as-latest-ubuntu18.amd_64.deb

$        ll

$        dpkg -i openvpn-as-latest-ubuntu18.amd_64.deb

$        passwd openvpn  (Change ‘openvpn’ user password)

$        Done..Enjoy

8)     Login to Admin

a)    https://<elasticIP>:943/admin

i)       User: openvpn

ii)      Password: <above change password for ‘openvpn’

b)    Agree

c)     Go “Configurations” >> “Network Settings”

d)    Change “hostname” into your <Elastic IP>

e)     Save

f)       Click “Update running server”

g)     Enjoy.. Done

9)     Client connection

a)    https://<elasticIP>

b)    Enter users userID & password

c)     Download and install the client software which need to connect through this VPN

d)    Connect to the VPN

10)  How to check whther I am connect through my VPN or not?

a)    Just google “What is my ip”

b)    You will see your server IP is display as result.

c)     Enjoy..Done

References:

v  How to use Putty: https://www2.linuxacademy.com/howtoguides/17385-use-putty-to-access-ec2-linux-instances-via-ssh-from-windows/

v  How to create a Amazon Instance: https://www.brianlinkletter.com/create-a-free-virtual-private-server-on-amazon-web-services/

v  Install OpenVPN on a Linux: https://openvpn.net/vpn-server-resources/installing-openvpn-access-server-on-a-linux-system/

v  OpenVPN Software package download: https://openvpn.net/vpn-software-packages/