Accessing your public EC2 instances using SSH and encryption is fine. But what about working with AWS-based data that’s not public? There are all kinds of reasons why admins keep such resources out of reach of the general public. But if you can’t get at them when you need them, what good are they likely to do you?
The OpenVPN Access Server
As the name suggests, OpenVPN is an open source project, and you’re always able to download the free community edition and set things up on your own VPN server. But the OpenVPN company also provides an OpenVPN Access Server as an EC2 AMI.
What does it cost?
If you’re only testing things out and don’t plan to access the VPN using more than two connections at a time, then the AMI itself is free.
First of all, we deploy a Linux AMI instance with Auto-assign Public IP disabled.
We will be unable to SSH into it because it has no public IP assigned (as shown in the picture below).
Launching an OpenVPN Access Server
OpenVPN Access Server AMIs available from the AWS Marketplace.
When it comes to instance type, we can keep it within the free tier.
Choose a subnet and note it for later.
Now the Security Group page is where the OpenVPN AMI settings really shine. We’re presented with a security group that opens up everything we’ll need.
Note: If practical, it would normally be a good idea to tighten those rules so only requests from valid company IP address ranges are accepted, but this will be fine for short-term testing.
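One way to carry out the tightening described in the note, as an added example that is not part of the original article: the script reads a security group description in the JSON shape returned by `aws ec2 describe-security-groups`, flags every ingress rule open to any address, and prints the AWS CLI commands that replace it with the company ranges. The group ID, the port list and the CIDR ranges in the sample are constructed assumptions.

```python
import ipaddress
import json

# Constructed sample in the shape returned by `aws ec2 describe-security-groups`.
# The group ID and the port list are assumptions, not values from the article.
SAMPLE = json.loads("""
{"SecurityGroups": [{"GroupId": "sg-0123456789abcdef0", "IpPermissions": [
  {"IpProtocol": "tcp", "FromPort": 22,   "ToPort": 22,   "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
  {"IpProtocol": "tcp", "FromPort": 443,  "ToPort": 443,  "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
  {"IpProtocol": "tcp", "FromPort": 943,  "ToPort": 943,  "IpRanges": [{"CidrIp": "198.51.100.0/24"}]},
  {"IpProtocol": "udp", "FromPort": 1194, "ToPort": 1194, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}
]}]}
""")

COMPANY_CIDRS = ["203.0.113.0/24"]  # constructed: documentation range standing in for the office network


def world_open_rules(description):
    """Return one finding per ingress rule whose source is 0.0.0.0/0 or ::/0."""
    findings = []
    for group in description["SecurityGroups"]:
        for perm in group.get("IpPermissions", []):
            cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            for cidr in cidrs:
                if ipaddress.ip_network(cidr, strict=False).prefixlen == 0:
                    findings.append({"group": group["GroupId"], "proto": perm["IpProtocol"],
                                     "from": perm.get("FromPort"), "to": perm.get("ToPort"), "cidr": cidr})
    return findings


def tightening_commands(findings, allowed_cidrs):
    """AWS CLI commands that swap each world-open IPv4 TCP/UDP rule for the allowed ranges."""
    cmds = []
    for f in findings:
        if f["proto"] not in ("tcp", "udp") or ":" in f["cidr"]:
            continue  # all-protocol and IPv6 rules are only reported; review those by hand
        port = str(f["from"]) if f["from"] == f["to"] else f"{f['from']}-{f['to']}"
        base = f"--group-id {f['group']} --protocol {f['proto']} --port {port}"
        # Authorize the narrow ranges first so access from them is never interrupted.
        cmds += [f"aws ec2 authorize-security-group-ingress {base} --cidr {c}" for c in allowed_cidrs]
        cmds.append(f"aws ec2 revoke-security-group-ingress {base} --cidr {f['cidr']}")
    return cmds


if __name__ == "__main__":
    for cmd in tightening_commands(world_open_rules(SAMPLE), COMPANY_CIDRS):
        print(cmd)
```

The commands are only printed, so they can be reviewed before anything is changed on the group.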
Then press Enter to accept all the default settings.
Note the Admin UI and Client UI.
Accessing the server
Paste the public IP address into the terminal as part of the SSH command that calls the key pair set for this instance.
ssh -i KeyPairName.pem openvpnas@
We will need to give the openvpn user a password so we can use it to log into the web GUI.
We do that with sudo and the passwd command.
sudo passwd openvpn
Now we are going to use a browser to log into the web GUI. We use our server’s public IP address with the secure https prefix, followed by a slash and admin.
https:///admin
Provide the username and password as set earlier.
Provide the username and password and connect.
Then SSH to the Linux instance, and it will respond successfully.