Create Your Own VPN Server Using AWS & OpenVPN

Ever wanted to set up your own VPN server at a fraction of the cost using AWS? I live in South Africa and, due to geo restrictions, services such as Netflix USA and Hulu are inaccessible, or are they? This isn’t legal and is only being done to see if it is possible. A while back I figured out that it would be easy to create my own VPN server. In this tutorial you’ll create your own VPN server using OpenVPN. We’ll use a t2.micro instance to keep the costs low. You’ll only be able to connect 2 devices concurrently.

Step 1: Launch an EC2 instance from the Marketplace, create a role, and create a key pair to access your EC2 instance via SSH

-> Login to the AWS Management Console.
-> Select EC2 under Compute.
-> Search for OpenVPN under AWS Marketplace.
-> Select the Amazon Machine Image (AMI) which is eligible for free tier.
-> Click “Continue”.
-> Select “t2.micro” and click “Next: Configure Instance Details”.
-> Create a role and search for EC2.
-> Select “AmazonEC2FullAccess”.
-> Click “Next: Tags”.
-> Click “Review”.
-> Create a role name, e.g. “OpenVPNEC2”.
-> Click “Create Role”.
-> Return to the launch instance tab you were on before the new tab opened to create the role.
-> Click the refresh icon next to “IAM role”.
-> From the dropdown, select the role you created (OpenVPNEC2) or the name you chose.
-> Click “Next: Add Storage”.
-> Click “Next: Add Tags”.

Key: "Name"             Value: "My Own OpenVPN Server"

-> Click “Next: Configure Security Group”.
-> Leave all the defaults as is, click “Review & Launch”.
-> Click “Launch”.
-> Create a new key pair.

"myownopenvpn" or choose any name of your choice.

-> Download the key pair.
-> Click “Launch Instances”.
-> Scroll down the page and click “View Instances”.
-> From the left hand pane, select “Elastic IP” under “Network & Security”.
-> Click “Allocate new address”.
-> Select the instance you created earlier on, select the private IP that appears from the dropdown.
-> Click “Associate”, click “Close”.
-> From the left hand pane, scroll up to the top and select “EC2 Dashboard”.
-> Click Running instances.
-> Select “My Own OpenVPN Server”.

Step 2: Connect to your EC2 instance via SSH, reset the OpenVPN user password

-> Open terminal
-> Type “cd Downloads” (the key you downloaded earlier on should be in the Downloads folder)
-> Type the following command:

chmod 400 myownopenvpn.pem.txt (the name of your key pair)

-> Connect to your EC2 instance

ssh -i myownopenvpn.pem.txt openvpnas@PublicDNS

-> Type “yes” to accept the EULA
-> Press enter for the remaining options to use the default settings.
-> Change the password

sudo passwd openvpn

-> Create a password and re-enter the password to confirm.

Step 3: Setting up the VPN client and connecting to your VPN

-> Copy the IPv4 Public IP for the EC2 Instance in the Management Console
-> Open a new browser tab and type https://[IPv4 Public IP]

You will be greeted with a warning message “This connection is not private.” This is a result of our newly created server not having a valid certificate for accessing the URL we typed in the browser.

-> Click Show Details
-> Click visit this website
-> Type openvpn as the username and supply the password you created in step 3.

-> Download the OpenVPN client for Mac.
-> Download the connection profile.

Install the OpenVPN client and launch the application.

-> From the menu bar, select the OpenVPN app.
-> Click import, select from local file.
-> Select the newly imported connection, select “Connect as openvpn”

That marks the end of this journey. You’ve created your own VPN somewhere in the cloud. Whether you use it to bypass geo restrictions or not is solely up to you.

“With great power comes great responsibility” - Uncle Ben

Read up on Elastic IP addresses: