Launching Access Server BYOL on Amazon AWS

OpenVPN Access Server / AWS Video Tutorials

Learn how to create an AMI with OpenVPN Access Server BYOL and launch your VPN with your Amazon VPS within minutes

In this tutorial

This tutorial covers the steps to launch OpenVPN Access Server through Amazon Web Services and then use a license purchased with OpenVPN.net. Set up your VPN on an Amazon Machine Image within minutes and provide the security of encrypted traffic through an Amazon EC2 Linux Instance. No hardware or server required on your end.

These are the steps covered:

1. Start on your Amazon EC2 Dashboard and click on Launch Instance.
2. From the AWS Marketplace, search for “OpenVPN.”
3. In the results, you’ll see options for OpenVPN Access Server. Choose the top result for our Bring Your Own License (BYOL) option.
4. Click on Select for the AMI chosen.
5. Review the pricing details, then click on Continue.
6. Choose your instance type (t2.micro for our demo) and click on Next: Configure Instance Details.
7. Choose your VPC from the Network field.
8. Choose whether you want to auto-assign Public IP from that field and click on Next: Add Storage.
9. Click Next: Add Tags.
10. Click on Add Tag and provide a name label then click on Next: Configure Security Group.
11. Review the security group auto-generated by AWS with the necessary ports open for the VPN, then click on Review and Launch.
12. Review your instance launch details, and click on Launch.
13. Select an existing key pair or create a new key pair, then click on Launch Instances.
14. Click on the page for your instance while it launches. You can copy the IP Address from the IPv4 Public IP field under your Description.
15. SSH into your new instance with the Public IP address (we used a terminal in our demo) and logging in with the openvpnas user.
16. Upon first login, the OpenVPN Access Server configuration launches automatically and you can read and agree to the EULA.
17. Go through the configuration (we selected all of the defaults).
18. At the end of the set up, make note of the URLs for the Admin UI and Client UI.
19. Sudo up by entering sudo -i
20. Now with root privileges, set a password for the openvpn bootstrap user by entering passwd openvpn
21. Set the password, hit enter, and retype it to confirm, then hit enter.
22. Now with the password set, go to your browser and enter the URL for the Admin UI (from the step above).
23. You will see a security warning in your browser because OpenVPN Access Server ships with a self-signed certificate (something you can replace with your own web cert to remove it).
24. Log in to the Admin Web UI with your openvpn username and password just assigned.
25. Read and agree to the EULA.
26. You’ll see the Status Overview showing you have 2 devices under License Status as Access Server comes with 2 free concurrent connections so you can start testing right away.
27. Click on Configuration > VPN Settings and review the Network and Routing settings where you could provide access control for a use case for SSH access:
28. From OpenVPN.net, click on Sign In > Access Server, either login or create an account, choose your subscription, and checkout.
29. Once you’ve purchased your subscription, you’ll receive an Activation Key, which you’ll enter in your Admin Web UI under Configuration > Activation.
30. Enter your Activation Key where it says, "Enter Activation Key here" and click Activate.
31. You’re up and running with your OpenVPN Access Server AMI and purchased subscription that includes help and support from our customer service team at any time.