Easy way to setup a working OpenVPN configuration on Ubuntu server on Amazon AWS.

Posted: October 24, 2014. At: 10:32 AM. This was 3 years ago. Post ID: 7860
Page permalink: http://securitronlinux.com/bejiitaswrath/easy-way-to-setup-a-working-openvpn-configuration-on-ubuntu-server-on-amazon-aws/

Now, we must convince Congress to stop the FCC. Can you display an alert?

Amazon Web Services offer cloud based servers that allow a user to easily setup a remote Linux server and host a VPN to use an unfiltered Internet connection that can pass through a proxy if you use port 443. This script is from Rosehosting.com, I had to fix one line in it to get the Ethernet adapter of the machine it runs on, so I uploaded it to the pastebin to host this new version. Upload this script to your Amazon AWS instance and make it executable.

chmod +x vpn.sh

Then run this script as root.

sudo ./vpn.sh

This will go through the entire process of creating a VPN configuration with one client.ovpn file which you download to a client and use to connect to the VPN server. Once you are connected to the VPN, you may connect using the server IP.

Here is an example;

ssh -i VOIPSystemServer.pem ubuntu@10.8.0.1

This line in your iptables configuration is necessary for the routing to work properly.

iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE

Then you should be able to route all Internet traffic through your VPN.

This is what my iptables configuration looks like on my Amazon AWS instance.

ubuntu@ip-172-31-20-234:~$ sudo iptables-save
# Generated by iptables-save v1.4.21 on Thu Oct 23 23:24:56 2014
*filter
:INPUT ACCEPT [3949772:556077068]
:FORWARD ACCEPT [3995612:5433423511]
:OUTPUT ACCEPT [4563664:5917631698]
COMMIT
# Completed on Thu Oct 23 23:24:56 2014
# Generated by iptables-save v1.4.21 on Thu Oct 23 23:24:56 2014
*nat
:PREROUTING ACCEPT [5994:349922]
:INPUT ACCEPT [234:12072]
:OUTPUT ACCEPT [568:50233]
:POSTROUTING ACCEPT [568:50233]
-A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
COMMIT
# Completed on Thu Oct 23 23:24:56 2014

I did not require a ta.key, I added one later, but it did not make too much difference. The configuration is secure, there are more tweaks though that can further increase VPN security. There is a document here: http://openvpn.net/index.php/open-source/documentation/security-overview.html. This contains a lot of information about the security of a VPN and how this works. But this script really does work. Run this on a test machine and you will see how easy it is to create a secure Virtual Private Network.

1 responses to “Easy way to setup a working OpenVPN configuration on Ubuntu server on Amazon AWS.

Leave a Reply