In today’s cloud world, being able to connect securely and privately to your AWS instances is a necessity. With that said, not everyone is able to set up an AWS Direct Connect connection, or has a network appliance they can set up for VPN connections into AWS. In this post I will show you how to set up a software VPN using OpenVPN via their AWS Marketplace offering, set up the local VPN client to connect to the OpenVPN server, and create an instance in a new private subnet in the default VPC that we will use to test our VPN connectivity.

The following are prerequisites for this process:

Step 1 – Launch an EC2 instance from the OpenVPN Access Server AWS Marketplace offering

First we will need to create an EC2 instance using the OpenVPN Marketplace AMI offering.

The ports we will be setting up are TCP: 22, 443, 943, and UDP: 1194. All of the default ports can be changed from the admin tool.

TCP – Port 22 – SSH port
TCP – Port 443 – HTTPS port used for OpenVPN TCP connection
TCP – Port 943 – OpenVPN web-ui
UDP – Port 1194 – OpenVPN UDP port

*Note: The warning seen is very important. For this demo I am leaving port 22 open to the world, but in a real use case I would limit this to my current IP ONLY.

After setting your SG access, click “Review and Launch” and then “Launch.”

After pressing “Launch” you will be presented with the key-pair screen. I will be creating a new key-pair for this demo, but if you already have one, feel free to re-use it. If you are making a new key-pair, type in the name and then click “Download Key Pair” and then “Launch Instances.”

Our OpenVPN Access Server is now being created in our AWS account. The next steps will be to set up an EIP and then SSH into the server to set up OpenVPN.

Step 2 – Create an Elastic IP for the OpenVPN Instance and then SSH into the instance to configure the OpenVPN Server

Setting an Elastic IP for your instance ensures the VPN public IP does not change if you need to stop your instances. If it were to change, you would need to reconfigure your server every time.

Log in to your AWS account, navigate to the EC2 Dashboard and click “Elastic IPs” on the left. We will be creating a new Elastic IP by clicking “Allocate new address” at the top. Now we will associate our new EIP with the OpenVPN Instance.
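The Step 1 security group and its note about port 22 can be checked mechanically. The following is an added example, not part of the original post: it audits ingress rules in the `IpPermissions` shape that EC2 returns for a security group against the post's port list and flags SSH that is open beyond one admin address. The helper names, the sample rules and the address 203.0.113.7 are constructed for illustration.

```python
import ipaddress
# Ports from the Step 1 security group: (protocol, port) -> purpose.
EXPECTED = {("tcp", 22): "SSH", ("tcp", 443): "OpenVPN TCP",
            ("tcp", 943): "OpenVPN web UI", ("udp", 1194): "OpenVPN UDP"}
RESTRICTED = {("tcp", 22)}  # the post's note: SSH should be limited to your own IP

def rule(proto, port, cidr):
    """Build one single-port ingress rule in the EC2 IpPermissions shape."""
    return {"IpProtocol": proto, "FromPort": port, "ToPort": port,
            "IpRanges": [{"CidrIp": cidr}]}

def covers(perm, proto, port):
    """True if the rule admits proto/port ("-1" means all protocols and ports)."""
    if perm["IpProtocol"] == "-1":
        return True
    return perm["IpProtocol"] == proto and perm["FromPort"] <= port <= perm["ToPort"]

def sources(perm):
    """All IPv4 and IPv6 source networks named by the rule."""
    cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
    cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
    return [ipaddress.ip_network(c, strict=False) for c in cidrs]

def audit_ingress(perms, admin_ip):
    """Compare ingress rules with the post's port list; return findings."""
    admin = ipaddress.ip_network(admin_ip)  # a bare address becomes a /32
    findings = []
    for (proto, port), purpose in EXPECTED.items():
        matching = [p for p in perms if covers(p, proto, port)]
        if not matching:
            findings.append(f"missing {proto}/{port} ({purpose})")
        elif (proto, port) in RESTRICTED:
            findings += [f"{proto}/{port} ({purpose}) open to {net}, expected {admin}"
                         for p in matching for net in sources(p) if net != admin]
    for p in perms:  # anything outside the four single-port rules is unexpected
        key = (p["IpProtocol"], p.get("FromPort"))
        if key not in EXPECTED or p.get("ToPort") != p.get("FromPort"):
            findings.append(f"unexpected rule {key[0]} {key[1]}-{p.get('ToPort')}")
    return findings

# Constructed sample: the demo group (SSH open to the world) and a hardened variant.
PUBLIC = [rule("tcp", 443, "0.0.0.0/0"), rule("tcp", 943, "0.0.0.0/0"),
          rule("udp", 1194, "0.0.0.0/0")]
DEMO = [rule("tcp", 22, "0.0.0.0/0")] + PUBLIC
HARDENED = [rule("tcp", 22, "203.0.113.7/32")] + PUBLIC

if __name__ == "__main__":
    for name, group in (("demo", DEMO), ("hardened", HARDENED)):
        print(name, audit_ingress(group, "203.0.113.7") or "ok")
```
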