Set up a free VPN on AWS with OpenVPN
Simple Guide to Set Up a Working VPN Server on AWS in Less Than 5 Minutes Using OpenVPN Access Server
First, let’s distinguish between privacy and anonymity.
Private = encrypted = secret
You can be known as the sender of the message but the message itself is confidential and only you can read it.
Anonymous = unknown sender/recipient
But it is not necessarily private and confidential.
A VPN can provide both or only one. Most web traffic is already encrypted using HTTPS, so without a VPN your ISP or anyone on your local area network can at most see the domains, not the content. They know which sites you visit but cannot see the plain text content.
Adding a VPN creates an encrypted tunnel to the VPN server. The VPN server acts as a proxy server and forwards the traffic to its destination.
So if you connect to a VPN server hosted by a third party, your ISP can see the IP address of the VPN server but nothing else. However, the VPN server can keep logs, and they are basically snooping on your traffic because you gave them your trust.
Self-hosted VPNs: these are the ones where you host your own VPN server, so you know for sure whether you keep logs or not. This is by far the best way to go, but it is limiting in some ways.
You can host OpenVPN on AWS.
This provides a level of anonymity because you can choose a server located in Hong Kong, for example. But if you want several server locations to choose from, you will have to host a server for each geographic location, which can be expensive.
Internet traffic passes through a secure encrypted VPN tunnel
- AWS Account – A new account comes with 12-month free tier eligibility that covers 750 cumulative hours of use per month, so you won’t be charged for running a VPN on AWS.
1. Log in to the AWS Management Console and go to the EC2 service.
2. If you are located in India, change your region to Asia Pacific (Singapore) ap-south-1. Then click on Launch Instance.
Unfortunately, OpenVPN is not a very lightweight protocol, so it can cause annoying slowdowns. Of course, depending on your original ISP speeds, some of you may experience a significant drop in speeds, while others hardly even notice it.
So here’s what you can do to get smoother and more stable speeds:
Use a server closer to you. For example, if you are in India, do not use a server in the United States. Use one in Singapore, Hong Kong or Mumbai itself as they are all located in the Asia Pacific region.
You should do this for the following reasons:
· Data packets travel faster between your device and the server.
· It is very unlikely that your connection will be interrupted due to packet loss.
3. On the dashboard, click on the AWS Marketplace menu and type OpenVPN. Select the first result with the Free tier eligible badge.
4. On the next page, click Continue, select t2.micro from the Instance type list, and click the Review and Launch button.
5. Create a new key pair (or use an existing one if you already have one), enter a name, and click Download Key Pair. Then click Launch Instance and wait for the instance to go into the running state.
- If you are on a Linux or Mac machine, open Terminal and SSH to your server as openvpnas:
ssh -i "keyname.pem" openvpnas@Your-IPv4-Public-IP
- Next, type yes to accept the agreement. You will then be asked how you want to configure your VPN.
- Type yes for the following 2 prompts:
Should client traffic be routed by default through a VPN?
> Press ENTER for default setting [no]: Yes
Should a client’s DNS traffic be routed by default through a VPN?
> Press ENTER for default setting [no]: Yes
- Just press Enter for the rest to confirm all default settings.
- Once you reach the end, change the password for the openvpn user. Enter a new password twice and you are good to go.
sudo passwd openvpn
- Next, open a browser window and type
- Login with openvpn and the password you just set.
- Once you are in the OpenVPN Administrator Control Panel, click Configure and go to “VPN Settings”
- Scroll down and apply the following changes:
Make sure the toggle “Should client Internet traffic be routed through the VPN?” is set to Yes
Change the toggle “Have clients use specific DNS servers” to Yes
Enter the custom DNS servers: set the Primary DNS server to 22.214.171.124 (Cloudflare DNS) and the secondary DNS server to 126.96.36.199
- To find out why the DNS server was changed:
- Save the settings and click Update Running Server
A VPN client is required that can handle capturing the traffic you wish to send through the OpenVPN tunnel, encrypting it, and passing it to the OpenVPN server.
I. Go to the Google Play Store on your Android device and install the official OpenVPN Connect app.
II. Open the application and start the import process by entering the IPv4 public IP address of the running EC2 instance.
III. Enter the username as openvpn and the password you set.
IV. Once the import is complete, you’re ready to use the app!
For reference, my real location in India:
And these are the speeds I got with my VPN running on a Singapore server:
To use the VPN on other platforms, you will have to install the corresponding client applications:
· Connecting to Access Server with Windows
· Connecting to Access Server with macOS
· Connecting to Access Server with Android
· Connecting to Access Server with Apple iOS
· Connecting to Access Server with Linux
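Added example (not part of the original post): a shell check, run against an OpenVPN client log, that the server really pushed the full-tunnel route and the DNS servers enabled under “VPN Settings”, using OpenVPN's `redirect-gateway` and `dhcp-option DNS` pushed options. The log lines and addresses are constructed, and the function names are hypothetical.

```shell
#!/usr/bin/env bash
# Added example: verify from a client log that all traffic and DNS go
# through the tunnel. Function names are hypothetical.

# Print the options of the most recent PUSH_REPLY in the log, one per line.
pushed_options() {
    grep -o "PUSH_REPLY,[^']*" "$1" | tail -n 1 | tr ',' '\n' | sed '1d'
}

# Print the DNS servers the server pushed (dhcp-option DNS <ip>).
pushed_dns() {
    pushed_options "$1" | awk '$1 == "dhcp-option" && $2 == "DNS" { print $3 }'
}

# Return 0 only if both a default-route redirect and DNS servers were pushed.
# 1 = no PUSH_REPLY in the log, 2 = no redirect-gateway (split tunnel),
# 3 = no DNS pushed (lookups may still go to the local resolver).
check_full_tunnel() {
    opts=$(pushed_options "$1")
    [ -n "$opts" ] || return 1
    printf '%s\n' "$opts" | grep -q '^redirect-gateway' || return 2
    [ -n "$(pushed_dns "$1")" ] || return 3
    return 0
}

# Constructed sample log (documentation-range addresses), not real output.
sample_log=$(mktemp)
cat > "$sample_log" <<'EOF'
2024-05-01 10:00:01 TCP/UDP: Preserving recently used remote address: [AF_INET]192.0.2.10:1194
2024-05-01 10:00:02 PUSH: Received control message: 'PUSH_REPLY,topology subnet,redirect-gateway def1,route-gateway 172.27.232.1,dhcp-option DNS 192.0.2.53,dhcp-option DNS 192.0.2.54,ifconfig 172.27.232.2 255.255.248.0'
EOF

if check_full_tunnel "$sample_log"; then
    echo "full tunnel; DNS pushed: $(pushed_dns "$sample_log" | tr '\n' ' ')"
else
    echo "split tunnel or no pushed DNS (code $?)"
fi
```

Compare the printed DNS servers with the ones entered in the Admin panel; a mismatch means the running server was not updated after saving.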
You are all set! Now you can connect to your own VPN server and enjoy private network browsing 😎.