How to create a free VPN server on AWS

A step by step tutorial for building your own free VPN server

A VPN (Virtual Private Network) is important if you want to have more secure and safe browsing and also using it when you want to create access to your VPC(Virtual Private Cloud). Sometimes getting a VPN can be hard at times, especially when you have to pay to use the service. In this article, I will show you how you can set up a working VPN server on AWS and you don’t have to necessarily pay for anything at all to use it. Let’s get started.

Photo by Thomas Jensen on Unsplash

Requirements

To get started with this tutorial, you need a Free Tier AWS account so you won’t be charged for running the VPN on AWS. If you don’t have an AWS account, not to worry, you can create one here which comes with a Free Tier Eligibility for 12 months.

Step 1: Set up OpenVPN server

Login to your AWS account, Navigate to the EC2 service and then click on Launch Instance.

Image by Author

Then on the page click on “AWS Marketplace” and type “openvpn” select the “OpenVPN Access Server”, the one with the “Free tier eligible” option and click Select.

Image by Author

OpenVPN is an opensource VPN server, in this case, we are using an Ubuntu AMI(Amazon Machine Image) to run the VPN, sometimes AWS marketplace is better if you don't want to go through the headache of configuring the OpenVPN server yourself.

After clicking Select, you will be directed the page below. Remember, as I said earlier OpenVPN is a free and Open Source VPN, but it’s a commercial service but although we can be allowed to open two VPN accounts for free without being charged anything using the Bring Your Own License(BYOL) option and that’s the essence of the page being displayed here. After this, scroll down and click Select.

Image by Author

Then you’ll be directed to this page, this is where the service will be running on, select the t2.micro which contains the Free tier eligible tag, then click on “Review and Launch”

Image by Author

After clicking on Review and Launch, you see a review of the instance you’re about to create. If you read through you’ll see that the cost of running the service is $0.00 per hour. Click on Launch

Image by Author

Then you’ll see a pop up which ask you to create or use an existing key pair, this part is very important because you’ll need it to SSH to your server. If you don't have one already you can create a new key pair and download it to your computer. Then click on Launch Instances. In a few seconds, your instance will start running and you’re good to go.

Image by Author

Step 2: Server Configuration

After your instance has successfully launched. Open your terminal and SSH to your server as a root user in order to configure the admin side of the VPN, to do that use the command below:

ssh -i "<your-key-pair>" root@<your-public-instance-domain>

Your key pair is the one you either recently downloaded or you have on your computer, also ensure you specify the path of your key pair for it to work, that’s if it’s in a different directory. Your public instance domain can be found on the EC2 dashboard. If entered correctly you should see a license agreement terms, type yes and enter.

Image by Author

Next, you’ll be prompted with how you want to configure your VPN, to leave the settings default just continue to hit enter and it will start the configuration process for you. After it's done you’ll see an instruction to no longer login as root but as user “openvpnas” which is created by default.

Image by Author

Now SSH to the instance again, but not as root but as user “openvpnas” using the command below:

ssh -i "<your-key-pair>" openvpnas@<your-public-instance-domain>

When you’ve logged in successfully, create a password for the user “openvpnas”, this is going to be the admin and client password to have access to the VPN portal, you can do that using the command below:

sudo passwd openvpn

You’ll see a prompt to create a new password. And that’s it, you’ve successfully configured the server.

Step 3: Using the VPN service

Congratulations on getting to this point of the tutorial, but before we start using it we just need to enable one little feature in our VPN.

Copy the public DNS or the IP address for your instance and paste the following on your browser:

http://<your-instance-public-DNS or IP address>:943/admin

You should see the following page:

Image by Author

If you don’t see this page, try using an incognito browser to open the webpage. For the Username enter, “openvpnas” and password is the one you created earlier in step 2. If successful, you’ll be asked to accept license agreement terms and then you should see this page:

Image by Author

Now on the left page, go to configuration and click on “VPN Settings”

Image by Author

Then scroll down to Routing and enable “Should client Internet traffic be routed through the VPN?” option:

Image by Author

Scroll down and click on Save Settings.

Image by Author

When you change the settings, you’ll need to update the server, so click on “Update Running Server” and you're done!!!

Now let’s connect to the VPN…

Go to the URL and remove the admin path, it should be something like this:

http://<your-instance-public-DNS or IP address>:943/

You should see the user login page, enter the same credentials you use to log in for the admin

Image by Author

Now select the OS of your choice you want to use the VPN on, follow the prompts and you’re good to go!!!

Image by Author

And that's all. Thanks for reading and stay safe 😃.