Posted: . At: 12:32 PM. This was 2 years ago. Post ID: 7860


Easy way to set up a working OpenVPN configuration on an Ubuntu server on Amazon AWS.


Easily set up an online VPN using OpenVPN on a VPS with this simple script

Amazon Web Services offers cloud-based servers on which you can easily set up a remote Linux server and host a VPN using OpenVPN. This gives you an unfiltered Internet connection, and it can pass through a proxy if you use port 443. This script is from Rosehosting.com.

The embedded script I am using works well on an Ubuntu server.

https://www.rosehosting.com/blog/openvpn-setup-script-for-debian-and-ubuntu/

Upload this script to your Amazon AWS instance and make it executable.

chmod +x vpn.sh

Then run this script as root.

sudo ./vpn.sh

This will go through the entire process of creating a VPN configuration, producing one client.ovpn file that you download to a client and use to connect to the VPN server. Once you are connected to the VPN, you may connect to the server using its VPN IP address.

Here is an example:

ssh -i VOIPSystemServer.pem ubuntu@10.8.0.1

This line in your iptables configuration is necessary for the routing to work properly.

iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE

Then you should be able to route all Internet traffic through your VPN.

This is what my iptables configuration looks like on my Amazon AWS instance.

ubuntu@ip-172-31-20-234:~$ sudo iptables-save
# Generated by iptables-save v1.4.21 on Thu Oct 23 23:24:56 2014
*filter
:INPUT ACCEPT [3949772:556077068]
:FORWARD ACCEPT [3995612:5433423511]
:OUTPUT ACCEPT [4563664:5917631698]
COMMIT
# Completed on Thu Oct 23 23:24:56 2014
# Generated by iptables-save v1.4.21 on Thu Oct 23 23:24:56 2014
*nat
:PREROUTING ACCEPT [5994:349922]
:INPUT ACCEPT [234:12072]
:OUTPUT ACCEPT [568:50233]
:POSTROUTING ACCEPT [568:50233]
-A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
COMMIT
# Completed on Thu Oct 23 23:24:56 2014
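
An added example, not part of the original post or the Rosehosting script: a small shell function that reads iptables-save output, reports whether the MASQUERADE rule for 10.8.0.0/24 on eth0 is present, and notes filter chains left at a default ACCEPT policy as in the listing above. The function names and the embedded sample ruleset are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit iptables-save text for the VPN NAT rule shown on this page.
VPN_NET="10.8.0.0/24"   # OpenVPN client subnet from the rule above
WAN_IF="eth0"           # outbound interface from the rule above

# Constructed sample, trimmed from the iptables-save listing on this page.
sample_ruleset() {
cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
COMMIT
EOF
}

# Reads iptables-save text on stdin and prints one finding per line.
audit_ruleset() {
  awk -v net="$VPN_NET" -v ifc="$WAN_IF" '
    # A line starting with "*" opens a new table section.
    /^\*/ { table = substr($0, 2); next }
    # Default-ACCEPT policies matter only in the filter table.
    table == "filter" && /^:(INPUT|FORWARD) ACCEPT/ {
      print "WARN filter " substr($1, 2) " policy is ACCEPT"
    }
    # Look for the exact source/interface/target combination.
    table == "nat" && $1 == "-A" && $2 == "POSTROUTING" {
      src = ""; out = ""; tgt = ""
      for (i = 3; i < NF; i++) {
        if ($i == "-s") src = $(i + 1)
        if ($i == "-o") out = $(i + 1)
        if ($i == "-j") tgt = $(i + 1)
      }
      if (src == net && out == ifc && tgt == "MASQUERADE") found = 1
    }
    END {
      if (found) print "OK nat MASQUERADE for " net " via " ifc
      else print "FAIL nat MASQUERADE for " net " via " ifc " missing"
    }'
}

# On a live server: sudo iptables-save | audit_ruleset
sample_ruleset | audit_ruleset
```

With every filter policy at ACCEPT and no rules, the host firewall itself does no filtering, so access control depends on whatever sits in front of the instance, such as the AWS security group.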

I did not require a ta.key; I added one later, but it did not make too much difference. The configuration is secure, though there are more tweaks that can further increase VPN security. There is a document here: http://openvpn.net/index.php/open-source/documentation/security-overview.html. It contains a lot of information about the security of a VPN and how it works. But this script really does work. Run it on a test machine and you will see how easy it is to create a secure Virtual Private Network.

This would be very useful for running a VPN and using a secure tunnel to avoid online censorship. In this modern age, when websites are being blocked and online monitoring is rife, this should be very helpful. It is also a very secure way to connect to a remote server using the VPN tunnel. You may then use SSH to administer the server and manage services without the worry of data sniffing.

You do not need to port-forward the SSH service when using a VPN, just the VPN port over port 443. Once connected to the remote server, you are using the local network through the VPN, and you have access to all of the local network services on the remote machine.

How to set a keyphrase for the VPN config using Easy RSA: "How to create keys with easy-rsa without a password prompt."

https://securitronlinux.com/bejiitaswrath/how-to-create-keys-with-easy-rsa-without-a-password-prompt/

