IT Specialist

The objective of this lab was to create a secure Virtual Private Network (VPN) using Amazon Web Services (AWS) and OpenVPN. Through this lab, I learned how cloud infrastructure can be used to deploy a private VPN server that encrypts network traffic and allows secure remote access.


Tools Used:

  • Amazon Web Services (AWS)
  • EC2 (Elastic Compute Cloud)
  • OpenVPN Access Server
  • SSH (Secure Shell)
  • OpenVPN Client Software

Lab Environment

  • Client Operating System: Windows and Linux Mint
  • Server Operating System: Ubuntu Linux (AWS EC2 instance)
  • Network Type: Public internet with encrypted VPN tunnel

Procedure

Step 1: Create an AWS Account

I navigated to the AWS website and either created a new account or signed into an existing one. I confirmed that the AWS Free Tier was enabled to avoid unnecessary charges during the lab.

Step 2: Launch an EC2 Instance

I accessed the AWS Management Console and navigated to EC2 → Instances → Launch Instance. I selected Ubuntu Server (LTS) as the operating system and chose a free-tier eligible instance type (t2.micro). I created a key pair for SSH access and configured the security group to allow the following:

  • SSH (port 22)
  • HTTPS (port 443)
  • OpenVPN (port 1194 UDP)

Once the configuration was complete, I launched the EC2 instance.
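The rule list in Step 2 can be checked after launch. The following is an added example, not part of the original lab: it audits a security group's ingress rules against the three ports listed above and goes one step further by flagging SSH when it is open to any source address. The group name and sample rules are constructed, shaped like the JSON that `aws ec2 describe-security-groups` prints, and treating SSH as admin-only is an assumption.

```python
# Added example: audit security-group ingress against the lab's Step 2 rule list.
EXPECTED = {("tcp", 22), ("tcp", 443), ("udp", 1194)}  # ports listed in Step 2
ADMIN_ONLY = {("tcp", 22)}   # assumption: SSH should be limited to admin IPs
ANYWHERE = {"0.0.0.0/0", "::/0"}

# Constructed sample, shaped like one entry of "SecurityGroups" in the JSON
# printed by `aws ec2 describe-security-groups`. Addresses are documentation ranges.
SAMPLE_GROUP = {
    "GroupName": "vpn-lab-sg",  # hypothetical name
    "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
        {"IpProtocol": "tcp", "FromPort": 943, "ToPort": 943,
         "IpRanges": [{"CidrIp": "203.0.113.10/32"}], "Ipv6Ranges": []},
        {"IpProtocol": "udp", "FromPort": 1194, "ToPort": 1194,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
    ],
}

def audit(group):
    """Return (kind, rule, cidrs) findings for one security group."""
    findings, covered = [], set()
    for perm in group.get("IpPermissions", []):
        proto = perm.get("IpProtocol")
        lo, hi = perm.get("FromPort"), perm.get("ToPort")
        cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
        cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
        if proto == "-1" or lo is None:      # "-1" means every protocol and port
            findings.append(("ALL_TRAFFIC", "all", cidrs))
            continue
        label = f"{proto}/{lo}" if lo == hi else f"{proto}/{lo}-{hi}"
        # Expected ports that this rule's port range covers
        hit = {(p, n) for p, n in EXPECTED if p == proto and lo <= n <= hi}
        covered |= hit
        if lo != hi or not hit:              # wider than, or outside, the list
            findings.append(("UNEXPECTED", label, cidrs))
        if hit & ADMIN_ONLY and ANYWHERE.intersection(cidrs):
            findings.append(("ADMIN_OPEN_TO_WORLD", label, cidrs))
    for proto, port in sorted(EXPECTED - covered):
        findings.append(("MISSING", f"{proto}/{port}", []))
    return findings

if __name__ == "__main__":
    for kind, rule, cidrs in audit(SAMPLE_GROUP):
        print(f"{kind:20} {rule:10} {', '.join(cidrs)}")
```

In the constructed sample, the rule for TCP 943 is reported as unexpected because Step 2 lists only ports 22, 443 and 1194.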

Step 3: Connect to the EC2 Instance

After the instance was running, I copied its public IP address. Using an SSH client, I connected to the server with the following command:

ssh -i vpnserver.pem ubuntu@18.117.#.#

I verified that I successfully accessed the server terminal.

Note: In order for this to run, you have to download the .pem file from AWS and have it on any device utilizing the VPN; otherwise, you are unable to connect to the network.

Step 4: Install OpenVPN Access Server

I updated the server packages by running:

sudo apt update && sudo apt upgrade -y

I then installed OpenVPN Access Server using:

sudo apt install openvpn-as -y

I waited for the installation process to complete.

Step 5: Configure OpenVPN Access Server

After installation, I noted the OpenVPN admin URL displayed in the terminal (https://18.117.#.#:943/admin). I opened this URL in a web browser and logged in using the default openvpn user. I set a password for the administrator account and confirmed that the OpenVPN service was running correctly.

Step 6: Create VPN User and Download Client Profile

I accessed the OpenVPN Client UI (https://18.117.#.#:943/) and logged in using the VPN credentials. I downloaded the client configuration file and installed the OpenVPN client software on my local machine. I then imported the configuration file into the client.

Step 7: Connect to the VPN

I launched the OpenVPN client and connected using the imported profile. Once connected, I verified the VPN status and confirmed that my internet traffic was being routed through the VPN by checking my public IP address.


Issues that Arose / Troubleshooting Steps

  • When I first ran the VPN, I went to check my IP address by typing in ‘What is my IP?’ in Google and it was still showing my local IP address despite being connected to the VPN. After doing some research online, it looked to be an issue with how the tunnels were configured.

Solution: Enabled ‘Full Tunnel’ in the configurations, originally set to ‘Split Tunnel’ by default. This fixed my IP address masking issue.

  • After I successfully set up my IP address to be masked, I then ran into an issue where I was only able to log into one single device per session. While logged in through the Linux machine, it would log me out of the VPN on the Windows machine and vice versa. Again, after playing around with the configuration settings, as well as looking at a few forum posts online, it looked to be an issue of having only one single device account configured for the VPN.

Solution: Created two separate device accounts and assigned them different login credentials to prevent any login conflicts. This fixed the issue and I was able to log into both simultaneously and was able to ping the two machines from both devices without issue.


Results

I successfully established a VPN connection between my local devices and the AWS-hosted OpenVPN server. The connection encrypted my network traffic and routed it securely through the cloud server, demonstrating a functional private VPN deployment. I was also able to have two devices on the network simultaneously that were able to communicate with each other.


Conclusion

In this lab, I demonstrated how cloud computing can be used to implement secure networking solutions. By configuring an EC2 instance and installing OpenVPN, I created a working VPN server that provides encrypted remote access. This lab reinforced my understanding of VPN technologies, cloud infrastructure, and secure network configuration.