Hey guys, today we will be creating our very own VPN server with Alpine Linux and OpenVPN on an AWS EC2 instance. So, let's get started. What we will be doing is: create an Elastic IP, attach it to our EC2 instance, SSH into it, configure a VPN server, copy the client VPN connection pack to our machine, and then try to connect to it.
Sign in to your AWS console and go to the EC2 dashboard.
Go to Elastic IPs and click Allocate Elastic IP address.
Once you have an IP address, go to Instances.
Click on Launch Instance and search for alpine in the Community AMIs tab.
The one we will use is: alpine-ami-edge-x86_64-20200205024005 - ami-002a48030440e00da
Once you've selected it, the instance type of t2.micro will work for us.
Then, keep hitting next until you reach Configure Security Group section.
There, you will need to add a new rule.
Type: Custom UDP Rule
Port Range: 1194 (The port that you will be using for the VPN connection)
Source: My IP (You can change it as per your needs)
Now, hit Review and Launch and Launch it.
Also, create a key pair and download it if you don't have one already.
I already have one and will be using it.
Now, go back to Elastic IPs and select the IP address. Click on Associate Elastic IP address and select your instance and its private IP. You don't really need to configure it for reassociation, but that's up to you. Once you're done with that, hit Associate.
Now, go back to Instances and you should see that it has your new Elastic IP. Nice.
Now, we will need to ssh into the box and configure it.
To ssh into the box:
ssh -i "abhizerawseducate.pem" alpine@<yourip>
Now, switch to root and follow along:
sudo su
setup-alpine
Now, keep hitting return until it asks for your DNS domain name. There, enter your public DNS name, which you should find in your console. It looks something like this:
Now, keep hitting return until you're done.
Once the initial setup is done:
modprobe tun
echo "tun" >> /etc/modules-load.d/tun.conf
wget https://raw.githubusercontent.com/captainwasabi/openvpn-install/master/openvpn-install.sh
apk add bash
bash openvpn-install.sh
Now, again, keep hitting enter until you are prompted for Public IP address / hostname. There, enter your public IP address.
Now, select the protocol (we'll go with UDP), the port (we'll go with 1194), and DNS (you can use the current system resolvers). For the client name, I'm gonna enter abhizerprivatevpn; you can enter whatever you want. Hit enter and you should have a VPN connection pack in /root/; in my case it is abhizerprivatevpn.ovpn.
cd /root
ls
And, it should be there. Now, to download this, I'm gonna use scp; you can use whatever you want. As our root user isn't allowed a direct SSH login, let's change the owner of the file to alpine; that way, we can fetch it.
chown alpine:alpine abhizerprivatevpn.ovpn
mv abhizerprivatevpn.ovpn /home/alpine
Now, change the password of the alpine user, for the sake of security.
Once you are done with that, you can exit the ssh session.
Now, to copy it over:
scp -i abhizerawseducate.pem alpine@<yourip>:/home/alpine/abhizerprivatevpn.ovpn .
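Before connecting, it is worth checking that the copied profile points at the Elastic IP, port and protocol chosen above, and that the file is readable only by you, since it carries the client key. The script below is an added example, not part of the original post or of the install script; check_ovpn is a hypothetical helper, and it assumes the profile uses the standard OpenVPN "proto" and "remote <host> <port>" directives with the private key in an inline <key> block.

```shell
#!/bin/sh
# Added example (not from the original post): sanity-check a downloaded
# OpenVPN client profile before connecting. check_ovpn is a hypothetical
# helper; it assumes the standard "proto" and "remote <host> <port>"
# directives and an inline <key> block holding the client private key.

check_ovpn() {
    profile=$1; want_host=$2; want_port=${3:-1194}; want_proto=${4:-udp}
    rc=0
    [ -r "$profile" ] || { echo "FAIL: cannot read $profile"; return 2; }

    # Take the first "remote" and "proto" directives in the file.
    host=$(awk '$1 == "remote" { print $2; exit }' "$profile")
    port=$(awk '$1 == "remote" { print $3; exit }' "$profile")
    proto=$(awk '$1 == "proto" { print $2; exit }' "$profile")

    [ "$host" = "$want_host" ] || { echo "FAIL: remote host '$host', expected '$want_host'"; rc=1; }
    [ "$port" = "$want_port" ] || { echo "FAIL: remote port '$port', expected '$want_port'"; rc=1; }
    [ "$proto" = "$want_proto" ] || { echo "FAIL: proto '$proto', expected '$want_proto'"; rc=1; }

    # An inline private key makes the file a credential: owner-only access.
    if grep -q '^<key>' "$profile"; then
        # GNU/BusyBox stat first, BSD/macOS stat as fallback.
        mode=$(stat -c '%a' "$profile" 2>/dev/null || stat -f '%Lp' "$profile")
        case $mode in
            *00) ;;
            *) echo "FAIL: mode $mode lets other users read the key (chmod 600)"; rc=1 ;;
        esac
    fi

    if [ "$rc" -eq 0 ]; then echo "OK: $profile -> $want_host:$want_port/$want_proto"; fi
    return "$rc"
}

# Demo on a constructed profile (203.0.113.10 is a documentation address).
demo=$(mktemp)
printf '%s\n' client 'proto udp' 'remote 203.0.113.10 1194' \
    '<key>' 'CONSTRUCTED-NOT-A-REAL-KEY' '</key>' > "$demo"
chmod 644 "$demo"; check_ovpn "$demo" 203.0.113.10 || true   # flags the mode
chmod 600 "$demo"; check_ovpn "$demo" 203.0.113.10 || true   # passes
rm -f "$demo"
```

For the profile from this walkthrough, the call would be check_ovpn abhizerprivatevpn.ovpn <yourip> 1194 udp.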
Now, to connect to it:
sudo openvpn abhizerprivatevpn.ovpn
Or, you can use something like TunnelBlick.
And, now you should be connected.
To test it out: