Install OpenVPN on Cloud


openvpnaws_logo

OpenVPN is an open-source software that implements VPN.It is used for creating the peer to peer connections.  OpenVPN is more than 16 years old. The first release was on 13 May 2001. But we will not go into details of explaining what is OpenVPN is, but instead we will go through how to install OpenVPN on the cloud.

For this post, I am using Free Tier provided by Amazon web services [aws.amazon.com/free].

We are going to install OpenVPN server and OpenVPN client on your local machine, so first, you need an AWS account. Login to your AWS account and goto EC2 Dashboard and launch an instance.


EC2 Management Lunch Instance

Then goto AWS marketplace and search for OpenVPN and select OpenVPN Access Server

Select Open VPN

I am going to select t2.micro as it eligible for the free tier and hit review and launch.

Instance Type

Here I am going to select General Purpose (SSD) and hit next.

Select Storage

After that AWS will skip to step number 7 where we need to review the Instance. After review hit launch.

Review Instance Launch

It will take few minutes to reach running states till then we will create an elastic IP so that the IP will not get lost. In order to create Elastic IP hit Elastic IPs in the left panel of EC2 Dashboard. Hit Allocate New Address and you will get an Elastic IP.

Allocate IP - 1

Now associate that address with your instance you have created earlier for OpenVPN.
Allocate IP - 2.png

After that, Elastic IP will link to that instance and become public IP of that instance.

instances.png

Now we have to SSH into the instance. This is a one time process. User for ssh will be openvpnas.
ssh-open-vpn

When you enter into the instance you will get this message. Enter yes and hit enter to continue.

openvpn-agreement

Now keep pressing enter till Initial Configuration Completes

complete-configuration-vpn.png

Once the configuration completes change the password for openvpn user. Enter

sudo passwd openvpn

update-openvpn-password

Now open the browser and goto the elastic IP address in location bar with https protocol. For example, I am going to use https://52.52.196.191 this will prompt a warning message as shown below. You just need to skip it and process to the URL.

privacy-error.png

It will ask you for login in the panel where you can enter openvpn as username and the password that you set earlier as the password. Then after you need to install OpenVPN client as I am working on Linux I am going select OpenVPN for Linux which will take you to this page https://openvpn.net/index.php/access-server/docs/admin-guides/182-how-to-connect-to-access-server-with-linux-clients.html

Just install OpenVPN client on your machine and download the user-locked profile which will be used to connect to OpenVPN.

OpenVPN Connect Profile

Connect to OpenVPN using following command

sudo openvpn --config client.ovpn

In order to connect, you must have root access.

openvpn-client.png

Once it is done go to admin panel by appending /admin after your URL. For example, https:///admin and it will take you to admin login page where you need to enter the same credentials as before.

openvpn-login-admin.png

At the first time it will ask you to agree upon its term, just hit agree and you will enter into the admin panel.

OpenVPN Access Server Status Overview.png

OpenVPN Login.png

Then go to Server Network Settings menu and unchecked Admin Web Server and Client Web Server and hit save. It will disable access to your Web Servers from public IP.

OpenVPN Access Server Server Network Settings.png

Now it will show the message saying Setting changed, hit Update Running Server and you will get site cannot be reached error which we intended to do.

openvpn-access-server-server-network-settings-update-e1509686754421.png

Now go to EC2 dashboard and get the private IP of your instance.

private-ip.png

Now go to web browser and replace public IP with private IP and append :943 at the end of the IP. URL should be like https://:943/admin. It will take you to the admin panel and that’s it. Now those who are connected to OpenVPN will able to access the server using private IP. That’s it your OpenVPN is now up and running.

OpenVPN Login Admin

Just a note for security measures you can remove SSH login from security groups.

Advertisements

About Prabhat Kashyap

Consultant(Engineer) at Knoldus Software LLP
This entry was posted in Devops and tagged , , , . Bookmark the permalink.

One Response to Install OpenVPN on Cloud

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s