Introducing OpenVPN Cloud beta Apply to join the beta group today

Tiered AWS OpenVPN AMI

Learn how to launch OpenVPN Access Server with connected devices in AWS

In this tutorial

This tutorial covers the steps to launch OpenVPN Access Server through Amazon Web Services. Set up your VPN on an Amazon Machine Image within several minutes and provide the security of encrypted traffic through an Amazon EC2 Linux Instance. No hardware or server required on your end.

These are the steps covered:

  1. Start on your Amazon EC2 Dashboard and click on Launch Instance.
  2. From the AWS Marketplace, search for “OpenVPN”.
  3. In the results, you’ll see options for OpenVPN Access Server. Choose the number of connected devices you’ll need in order to launch one with Amazon’s tiered pricing.
  4. Click on Select for the AMI chosen.
  5. Review the pricing details, then click on Continue.
  6. Choose your instance type (t2.micro for our demo) and click on Next: Configure Instance Details.
  7. Choose your VPC from the Network field.
  8. Choose whether you want to auto-assign Public IP from that field and click on Next: Add Storage.
  9. Click Next: Add Tags.
  10. Click on Add Tag and provide a name label then click on Next: Configure Security Group.
  11. Review the security group auto-generated by AWS with the necessary ports open for the VPN, then click on Review and Launch.
  12. Review your instance launch details, and click on Launch.
  13. Select an existing key pair or create a new key pair, then click on Launch Instances.
  14. Click on the page for your instance while it launches. You can copy the IP Address from the IPv4 Public IP field under your Description.
  15. SSH into your new instance with the Public IP address (we used a terminal in our demo) and logging in with the openvpnas user.
  16. Upon first login, the OpenVPN Access Server configuration launches automatically and you can read and agree to the EULA.
  17. Go through the configuration (we selected all of the defaults).
  18. At the end of the setup, make note of the URLs for the Admin UI and Client UI.
  19. Sudo up by entering sudo su
  20. Now with root privileges, set a password for the openvpn bootstrap user by entering passwd openvpn
  21. Set the password, hit enter, and retype it to confirm, then hit enter.
  22. Now with the password set, go to your browser and enter the URL for the Admin UI (from the step above). 
  23. You will see a security warning in your browser because OpenVPN Access Server ships with a self-signed certificate (something you can replace with your own web cert to remove it).
  24. Login to the Admin Web UI with your openvpn username and password just assigned.
  25. Read and agree to the EULA.
  26. You’ll see the Status Overview showing you have 5 licenses (or however many you chose from the AMI selection at the beginning).

We also reviewed these two areas on the Admin Web UI:

  • Under Configuration > License you’ll see the installed licenses for the number of concurrent users chosen with your tiered AMI (6:30)
  • Under Configuration > VPN Settings you can review routing information and the VPN Network Address and how you could setup your VPN to be a gateway to your Amazon VPC (6:41)