Amazon Instance Config
- Create an Amazon.com account if you don’t already have one
- Go to Amazon http://aws.amazon.com/console/ and log in
- Create a new instance
- Choose the Ubuntu 64-bit system (free tier 2 is fine)
- You don’t need to change any of the defaults for storage and such.
- Launch the instance (create or use a predefined key; set the security group (firewall))
- Ensure that your Security Group (Amazon’s firewall) allows traffic to and from your instance on the ports you will be using (53/udp and 443/tcp are mine)
- SSH into the instance using your key
- Follow the directions at https://help.ubuntu.com/14.04/serverguide/openvpn.html
- Stop when you get to “First trouble shooting”
- The /etc/openvpn/server.conf file has the config settings for your VPN instance
- To direct all client traffic through the VPN, uncomment the push "redirect-gateway def1 bypass-dhcp" line (remove the leading semicolon “;”)
- Change which DNS server the client uses by uncommenting and modifying the push "dhcp-option DNS 220.127.116.11" line
- If you want to have your VPN server listening on multiple ports (like 53/udp and 443/tcp) just create a different file in /etc/openvpn/ for each port/protocol.
- Restart your OpenVPN server (as the root user, over an SSH session/connection, type: service openvpn restart)
- Go to a site that will tell you your current IP address (like my simple http://whatu.info/) and look at what your current IP address is.
- Some of the client config is done in the “Server” section above. You’ll need those files (ca.crt, client.crt, client.key) on the client.
- For the client, I’m guessing you have a Windows 7/8.x system just because I can.
- Visit https://openvpn.net/index.php/open-source/downloads.html and download the appropriate client for your Operating System.
- Once installed, you’ll need to launch it as an Administrator (right click and run as administrator).
- Create a config file (*.ovpn). It needs to match the settings in the server.conf file on the server.
- Make a Notepad/Wordpad document with the following info
- The top of the file should have something like:
proto PROTOCOL (udp or tcp)
<ca>
[paste your CA cert content here from ca.crt]
</ca>
<cert>
[paste your client cert content here from client.crt]
</cert>
<key>
-----BEGIN RSA PRIVATE KEY-----
[paste your client key content here from client.key]
-----END RSA PRIVATE KEY-----
</key>
- Save your file to your desktop
- Copy/move the file to C:\Program Files\OpenVPN\config
- You can definitely have multiple config files here, one per port/protocol (one for 53/udp and one for 443/tcp)
- In your Windows tray (Windows 8 users need to go to their “Desktop”) you will see a grayed-out computer screen. Right click, navigate up to the configuration file that you created and select Connect.
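
One way to produce a client profile that matches server.conf, as an added example that is not part of the original post: a shell script run on the server that reads proto, port and dev from the server config and inlines ca.crt, client.crt and client.key. The function names, the remote host argument and the extra client directives (nobind, persist-key, persist-tun, remote-cert-tls server) are assumptions, not settings taken from the post.

```shell
#!/bin/sh
# Added example, not from the original post: build a one-file client profile
# whose proto/port/dev are read from the server config so the two always match.

# Print the value of the first active (not ';' or '#' commented) directive.
conf_value() {  # conf_value FILE DIRECTIVE
    awk -v key="$2" '$1 == key { print $2; exit }' "$1"
}

# Print only the PEM block; easy-rsa certificates carry a text dump above it.
pem_block() {
    sed -n '/^-----BEGIN /,/^-----END /p' "$1"
}

# make_ovpn SERVER_CONF REMOTE_HOST CA_CRT CLIENT_CRT CLIENT_KEY OUT_FILE
make_ovpn() {
    conf=$1 host=$2 ca=$3 cert=$4 key=$5 out=$6
    for f in "$conf" "$ca" "$cert" "$key"; do
        [ -r "$f" ] || { echo "cannot read $f" >&2; return 1; }
    done
    proto=$(conf_value "$conf" proto)
    port=$(conf_value "$conf" port)
    dev=$(conf_value "$conf" dev)
    if [ -z "$proto" ] || [ -z "$port" ] || [ -z "$dev" ]; then
        echo "proto, port and dev must all be set in $conf" >&2
        return 1
    fi
    # The profile embeds the private key: create it readable by the owner only.
    (
        umask 077
        {
            printf 'client\ndev %s\nproto %s\nremote %s %s\n' "$dev" "$proto" "$host" "$port"
            printf 'nobind\npersist-key\npersist-tun\n'
            # Assumption: the server certificate was issued with easy-rsa build-key-server.
            printf 'remote-cert-tls server\n'
            printf '<ca>\n';   pem_block "$ca";   printf '</ca>\n'
            printf '<cert>\n'; pem_block "$cert"; printf '</cert>\n'
            printf '<key>\n';  pem_block "$key";  printf '</key>\n'
        } > "$out"
    )
}

# Run only when called with the six arguments make_ovpn expects.
if [ "$#" -eq 6 ]; then make_ovpn "$@"; fi
```

Run it once per server config file (for example the 53/udp and 443/tcp ones) to get one profile per port/protocol, then copy each profile to the client over an encrypted channel such as scp.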