Setting Up Free VPN on AWS

You need a VPN to keep yourself safe on the internet, safe from people like hackers and people like her and her, but maybe you don't want to pay for it. You know what? That's fine. We're going to set up a VPN server in the AWS cloud for free. Let's go. Okay, you'll need two things to get started. Number one, cup of coffee. Go brew you some, come back and see me. Number two, you'll need a free AWS account. If you don't already have one, go watch this video. I'll get you set up. All right, coffee, AWS, let's go. All right, first thing, open up your web browser and go to AWS. us.amazon.com to log into your console. I'll click it right here at the top right and get logged in from here. We're going to click on services at the top left and then under compute, select EC2. Now what's this EC2 thing. Simply. It's an Amazon service that'll let us deploy a virtual machine. machine in the cloud, a virtual computer, a virtual server that will run our VPN server. So we need to make one of these. We're going to scroll down to about the middle here where you see launch instance, and we'll click on launch instance. Click the arrow there and again, click launch instance. A lot of clicking here. Now, typically you would scroll through here and select whatever image you want. They're called AMIs or Amazon machine images. And these are basic. They just have the operating system installed, but we want a bit extra. We want to save ourselves some time. So we're going to go over here on the left and select AMIs. AWS marketplace. This will give us stuff beyond the operating system. Like we'll have pre-configured tools, tools like open VPN. So we'll go to the search bar up here and type in open VPN to find that. And there it is. The first one, this will be an Ubuntu server with open VPN already installed, which is awesome because it's kind of a pain to get this thing going. And this is the one we want. You don't want to select the one with 10 connected devices. You want this guy right here, free tier eligible. That's what you want to look for when you don't want to pay any money. You want it for free, right? Let's keep going. So we'll jump on and hit select right here. Select. Now let's talk about money for a second. OpenVPN is a free and open source software, but this version right here, the OpenVPN access server is a paid commercial option. Now I don't want to lose you. You probably heard paid and checked out. No, no, this version, your bring your own license version, it gives us two clients for free. So you and a buddy can connect to this VPN server for free. No worries. If you need more than that, then this isn't for you. Beyond that, all you have to worry about is the hosting costs for putting this on AWS. And of course this depends on what size you select. Now we're going to be selecting a free tier eligible size. So let's go ahead and step forward in time here. I will scroll down and select continue. And here's where I choose my size. What we want is the general purpose, the T2.micro. You want to look for that free tier eligible little icon there. So once you have that selected, just hit review and launch here at the bottom. And then hit launch once more at the bottom right. Now here you need a key pair. If you don't already have one, make a new one. That's what I'll do right now. I'll change this to create a new pair. I'll name it. I'll just say VPN server. And this is important. You want to download that key pair, click download. Now this is your only chance to download that key. Do it right now. We're going to use it when we connect to our VPN server to configure it. So make sure you have it ready. Now we're ready. We're going to click on launch instances and let's go. And it's going. Coffee break. So it has started. Let's go and click on this link right here and go watch it come up. So it's still pending. Again, another coffee break. Let's do it. Okay, mine is done. My virtual machine is ready to go. If yours looks like this, it says running, you're ready. What we'll do first is connect to it. So I'll right click this guy right here and click connect. This will show you how to connect to your VPN server. We'll go with the standalone SSH option. If you scroll down to the example command, this will work for most people. So go ahead and copy that. And what you'll do next is launch your terminal program on Linux or Mac or command prompts on windows or PowerShell. That's what I'm going to use. So I'll paste that command here in the command line. I'll pay attention to this real quick. This command is looking for this file right here, VPN server. Dot PM. Yours might look different. If you named your key, something else you'll want to make sure that this command is looking in the right place for that file. And right now mine isn't because I'm in users slash Chuck. I know this is going to be in my downloads directory because I just downloaded it. So I'm going to modify that command just a little bit here and put in front of that downloads forward slash VPN server. P E M that way it's going to be looking in the right place and I'll hit enter. I'll hit yes to accept that certificate and I'm in those spots. Crazy big. I'm going to change it real quick. Oh my gosh. It's a bit easier to see everything. Now it wants you to blindly accept the terms of service. We'll put in yes. And then the rest of this, just enter, enter, enter, enter, accepting all the defaults. Unless you have a reason to change any of this, keep going, keep going. blah, blah, blah, until you get to this point and it starts to initialize your server. Not too bad, right? Just hitting enter a few times. So now it closed your connection and it wants you to log in as open VPN AS rather than root. And it won't let you log back in as root. So what I'll do is just enter that same command as I used earlier. And I'll change the user from root to open VPN AS. And that should work just fine. I'm in. Now there's only one thing we have to do here in the command line and then we're pretty much good. I'll enter the command sudo passwd. and then the username open VPN. This will change the password for the user open VPN. This is our admin user and our client user when we connect to our VPN portal. I'll show you in a sec. I'll go and enter that command. It's gonna prompt us for the password. So put a password in. Remember this password. This will be your admin password for open VPN. Do it once more and done. That's it. You can close that command line or minimize it, whatever. Now your server is pretty much ready, but there's one thing we wanna do to make it awesome. So we'll get back to AWS and we'll scroll down to... where we see our public IP address information, IPv4, public IP, blah, blah, blah. We're going to copy that. Copy to clipboard. I'm going to open up a new tab, and I'll type in HTTPS colon whack whack, paste the IP address in there, and then I'll put in colon and specify my port, which will be port 943, and then forward slash admin to access the admin page. Ready, set, go. This has a self-signed cert, so don't worry about that. We'll just click Advanced and Proceed. And we're here. It's up and running. We're going to log in with our OpenVPN username. OpenVPN, and then that password we just created. And click Sign In. Now, if yours just kind of sits here for a bit, kind of weird like this, just click Stop, the X, and then Refresh, and it works suddenly. Kind of weird. Again, select the Agree to all the stuff they want you to agree to. And we're in. Like, this is cool, right? Now, you can go in here, have fun, be crazy, but there's one thing I want you to change real quick. Under configuration, we're going to go to the VPN settings right there. To make sure that all your internet traffic is safe and secure going through this VPN, wherever you are, we're going to scroll down to about here. Under routing, we'll see an option that says, should client internet traffic be routed through the VPN? Now we want that, so we're going to select the option right now. We'll see, yes, all client traffic should be routed through the VPN. Let's do that. And I'll scroll down and click save settings at the bottom here. And then one last step hit this update running server to make sure the changes take place. Bam. And that's it. As far as the server goes, you're done. Relax. Have a cup of coffee. Woo. But we're not done yet. You still have clients to connect. You want to connect to this, right? You want to use it. How do you do that? It's really, really easy actually. So let's go back up to the top here to our URL bar. Let's take out the bits where it says VPN settings and admin. Just leave the nine four three at the end. What's that doing? It's taking us to the user portal. Before that was the admin portal where we make changes and stuff. Here it's for clients, for people who want to connect. Good news is it's the same login information. So open VPN and that same password that you created and sign in and then choose your flavor. Whatever device you have, whatever device you want to connect to VPN, download that client. So I have Windows here, so I'm going to select Windows, download. Once downloaded, I will install that guy. Windows doesn't like it, but I don't care. More info and run anyway. You can't boss me around Windows. get in your lane bill gates and then i'll click next yeah yeah next install install install and finish and we should have an openvpn icon at the bottom right here i do i'm gonna select that guy i don't need a tour i'll just hit x i agree again and they want you to greet a lot of stuff yeah yeah yeah the beautiful part is here is that it's already pre-configured already done it imported your profile if you downloaded it from that page all we have to do is hit connect let's do it boom now you gotta log in again So open VPN, same username, same password, and let's VPN it up. I'm connected. Woo. But am I secure? How do I know this is working? Let's go test it out. We'll open up a new tab in our browser here. We'll go to Google and I'll type in what's my IP and let's see where I'm at. Yes. That's not my home IP address, by the way. That's the only that we've been using so far. That's my open VPN server. All my internet traffic is going through this guy we just created. And if you want to use your phone, so iOS, Android, you select these options here. It'll take you to a page and it shows you how to do it. They have an app. It's really easy, super simple. And that's it. You've got a VPN server. You're a boss. That's pretty cool. So this is doing two amazing things. Your computer, your phone, or whatever you connect to this VPN server. You're getting access to a virtual private cloud in Amazon or a VPC. When you're working in AWS and you're creating servers and websites and all kinds of stuff, you can have that safely tucked away in a virtual private network. or a virtual private cloud. And what we just did here today gives you a secure way to connect to your virtual private cloud in Amazon. You're not accessing public IPs. You're securely accessing your virtual network and you're logging into devices via their private IP addresses. And not only that, because we changed our options, all internet traffic is going through the server, keeping us nice, safe, and encrypted. And we can be wherever we want because I don't know if you noticed, I'm in France, according to my VPN server. That's where I put him, in Amazon. Wherever Amazon is, I can be there too. So if you followed this, you just set up a VPN server in the AWS cloud, which is kind of amazing. Learning AWS, learning the cloud is a pretty valuable skill right now. So if you liked doing this, you should go deeper. You should go deeper and learn AWS and make it a career. I've got a course below to get you started. The AWS Solutions Architect Associate. I collaborated with Anthony Sequeira and David Bombal. It's an awesome course. Link below. It will get you started down the path of becoming an AWS engineer, a cloud engineer. Now I know that a few of you may have doubts about this VPN server being free and I get that, but it's legit free. When you sign up for a free tier account with Amazon, with AWS, you get 12 months of free tier access. So with our example here, when you set up this VPN server and you're running one server in the AWS cloud, you can run that for 750 hours a month for free. If you do the math, 31 days in a month, 744 hours, that's free. Now sure, after 12 months, it won't be free anymore. But hey. 12 months of free anything is awesome after it, it will be around $10 a month to run that server in the cloud. That's still pretty competitive with any other option you might find anyways, that's about it. Let me know what you think VPN server in the AWS cloud. I think it's pretty cool. You can do this in other cloud providers as well, but I'm kind of partial to AWS right now. So, uh, try it out. Let me know what you think. And I will catch you guys later.

You need a VPN to keep yourself safe on the internet, safe from people like hackers and people like her and her, but maybe you don't want to pay for it. You know what? That's fine.

We're going to set up a VPN server in the AWS cloud for free. Let's go. Okay, you'll need two things to get started.

Number one, cup of coffee. Go brew you some, come back and see me. Number two, you'll need a free AWS account.

If you don't already have one, go watch this video. I'll get you set up. All right, coffee, AWS, let's go.

All right, first thing, open up your web browser and go to AWS. us.amazon.com to log into your console. I'll click it right here at the top right and get logged in from here.

We're going to click on services at the top left and then under compute, select EC2. Now what's this EC2 thing. Simply.

It's an Amazon service that'll let us deploy a virtual machine. machine in the cloud, a virtual computer, a virtual server that will run our VPN server. So we need to make one of these.

We're going to scroll down to about the middle here where you see launch instance, and we'll click on launch instance. Click the arrow there and again, click launch instance. A lot of clicking here. Now, typically you would scroll through here and select whatever image you want. They're called AMIs or Amazon machine images.

And these are basic. They just have the operating system installed, but we want a bit extra. We want to save ourselves some time.

So we're going to go over here on the left and select AMIs. AWS marketplace. This will give us stuff beyond the operating system. Like we'll have pre-configured tools, tools like open VPN. So we'll go to the search bar up here and type in open VPN to find that.

And there it is. The first one, this will be an Ubuntu server with open VPN already installed, which is awesome because it's kind of a pain to get this thing going. And this is the one we want.

You don't want to select the one with 10 connected devices. You want this guy right here, free tier eligible. That's what you want to look for when you don't want to pay any money. You want it for free, right?

Let's keep going. So we'll jump on and hit select right here. Select.

Now let's talk about money for a second. OpenVPN is a free and open source software, but this version right here, the OpenVPN access server is a paid commercial option. Now I don't want to lose you.

You probably heard paid and checked out. No, no, this version, your bring your own license version, it gives us two clients for free. So you and a buddy can connect to this VPN server for free.

No worries. If you need more than that, then this isn't for you. Beyond that, all you have to worry about is the hosting costs for putting this on AWS.

And of course this depends on what size you select. Now we're going to be selecting a free tier eligible size. So let's go ahead and step forward in time here. I will scroll down and select continue. And here's where I choose my size.

What we want is the general purpose, the T2.micro. You want to look for that free tier eligible little icon there. So once you have that selected, just hit review and launch here at the bottom.

And then hit launch once more at the bottom right. Now here you need a key pair. If you don't already have one, make a new one. That's what I'll do right now.

I'll change this to create a new pair. I'll name it. I'll just say VPN server.

And this is important. You want to download that key pair, click download. Now this is your only chance to download that key. Do it right now.

We're going to use it when we connect to our VPN server to configure it. So make sure you have it ready. Now we're ready. We're going to click on launch instances and let's go. And it's going.

Coffee break. So it has started. Let's go and click on this link right here and go watch it come up. So it's still pending.

Again, another coffee break. Let's do it. Okay, mine is done. My virtual machine is ready to go.

If yours looks like this, it says running, you're ready. What we'll do first is connect to it. So I'll right click this guy right here and click connect.

This will show you how to connect to your VPN server. We'll go with the standalone SSH option. If you scroll down to the example command, this will work for most people. So go ahead and copy that.

And what you'll do next is launch your terminal program on Linux or Mac or command prompts on windows or PowerShell. That's what I'm going to use. So I'll paste that command here in the command line.

I'll pay attention to this real quick. This command is looking for this file right here, VPN server. Dot PM. Yours might look different.

If you named your key, something else you'll want to make sure that this command is looking in the right place for that file. And right now mine isn't because I'm in users slash Chuck. I know this is going to be in my downloads directory because I just downloaded it.

So I'm going to modify that command just a little bit here and put in front of that downloads forward slash VPN server. P E M that way it's going to be looking in the right place and I'll hit enter. I'll hit yes to accept that certificate and I'm in those spots. Crazy big. I'm going to change it real quick.

Oh my gosh. It's a bit easier to see everything. Now it wants you to blindly accept the terms of service. We'll put in yes.

And then the rest of this, just enter, enter, enter, enter, accepting all the defaults. Unless you have a reason to change any of this, keep going, keep going. blah, blah, blah, until you get to this point and it starts to initialize your server.

Not too bad, right? Just hitting enter a few times. So now it closed your connection and it wants you to log in as open VPN AS rather than root. And it won't let you log back in as root.

So what I'll do is just enter that same command as I used earlier. And I'll change the user from root to open VPN AS. And that should work just fine.

I'm in. Now there's only one thing we have to do here in the command line and then we're pretty much good. I'll enter the command sudo passwd. and then the username open VPN. This will change the password for the user open VPN.

This is our admin user and our client user when we connect to our VPN portal. I'll show you in a sec. I'll go and enter that command.

It's gonna prompt us for the password. So put a password in. Remember this password.

This will be your admin password for open VPN. Do it once more and done. That's it. You can close that command line or minimize it, whatever.

Now your server is pretty much ready, but there's one thing we wanna do to make it awesome. So we'll get back to AWS and we'll scroll down to... where we see our public IP address information, IPv4, public IP, blah, blah, blah.

We're going to copy that. Copy to clipboard. I'm going to open up a new tab, and I'll type in HTTPS colon whack whack, paste the IP address in there, and then I'll put in colon and specify my port, which will be port 943, and then forward slash admin to access the admin page.

Ready, set, go. This has a self-signed cert, so don't worry about that. We'll just click Advanced and Proceed.

And we're here. It's up and running. We're going to log in with our OpenVPN username.

OpenVPN, and then that password we just created. And click Sign In. Now, if yours just kind of sits here for a bit, kind of weird like this, just click Stop, the X, and then Refresh, and it works suddenly. Kind of weird.

Again, select the Agree to all the stuff they want you to agree to. And we're in. Like, this is cool, right?

Now, you can go in here, have fun, be crazy, but there's one thing I want you to change real quick. Under configuration, we're going to go to the VPN settings right there. To make sure that all your internet traffic is safe and secure going through this VPN, wherever you are, we're going to scroll down to about here. Under routing, we'll see an option that says, should client internet traffic be routed through the VPN? Now we want that, so we're going to select the option right now.

We'll see, yes, all client traffic should be routed through the VPN. Let's do that. And I'll scroll down and click save settings at the bottom here.

And then one last step hit this update running server to make sure the changes take place. Bam. And that's it. As far as the server goes, you're done. Relax.

Have a cup of coffee. Woo. But we're not done yet.

You still have clients to connect. You want to connect to this, right? You want to use it.

How do you do that? It's really, really easy actually. So let's go back up to the top here to our URL bar. Let's take out the bits where it says VPN settings and admin. Just leave the nine four three at the end.

What's that doing? It's taking us to the user portal. Before that was the admin portal where we make changes and stuff. Here it's for clients, for people who want to connect.

Good news is it's the same login information. So open VPN and that same password that you created and sign in and then choose your flavor. Whatever device you have, whatever device you want to connect to VPN, download that client.

So I have Windows here, so I'm going to select Windows, download. Once downloaded, I will install that guy. Windows doesn't like it, but I don't care.

More info and run anyway. You can't boss me around Windows. get in your lane bill gates and then i'll click next yeah yeah next install install install and finish and we should have an openvpn icon at the bottom right here i do i'm gonna select that guy i don't need a tour i'll just hit x i agree again and they want you to greet a lot of stuff yeah yeah yeah the beautiful part is here is that it's already pre-configured already done it imported your profile if you downloaded it from that page all we have to do is hit connect let's do it boom now you gotta log in again So open VPN, same username, same password, and let's VPN it up.

I'm connected. Woo. But am I secure? How do I know this is working?

Let's go test it out. We'll open up a new tab in our browser here. We'll go to Google and I'll type in what's my IP and let's see where I'm at.

Yes. That's not my home IP address, by the way. That's the only that we've been using so far.

That's my open VPN server. All my internet traffic is going through this guy we just created. And if you want to use your phone, so iOS, Android, you select these options here.

It'll take you to a page and it shows you how to do it. They have an app. It's really easy, super simple.

And that's it. You've got a VPN server. You're a boss. That's pretty cool. So this is doing two amazing things.

Your computer, your phone, or whatever you connect to this VPN server. You're getting access to a virtual private cloud in Amazon or a VPC. When you're working in AWS and you're creating servers and websites and all kinds of stuff, you can have that safely tucked away in a virtual private network. or a virtual private cloud.

And what we just did here today gives you a secure way to connect to your virtual private cloud in Amazon. You're not accessing public IPs. You're securely accessing your virtual network and you're logging into devices via their private IP addresses. And not only that, because we changed our options, all internet traffic is going through the server, keeping us nice, safe, and encrypted. And we can be wherever we want because I don't know if you noticed, I'm in France, according to my VPN server.

That's where I put him, in Amazon. Wherever Amazon is, I can be there too. So if you followed this, you just set up a VPN server in the AWS cloud, which is kind of amazing.

Learning AWS, learning the cloud is a pretty valuable skill right now. So if you liked doing this, you should go deeper. You should go deeper and learn AWS and make it a career.

I've got a course below to get you started. The AWS Solutions Architect Associate. I collaborated with Anthony Sequeira and David Bombal.

It's an awesome course. Link below. It will get you started down the path of becoming an AWS engineer, a cloud engineer.

Now I know that a few of you may have doubts about this VPN server being free and I get that, but it's legit free. When you sign up for a free tier account with Amazon, with AWS, you get 12 months of free tier access. So with our example here, when you set up this VPN server and you're running one server in the AWS cloud, you can run that for 750 hours a month for free. If you do the math, 31 days in a month, 744 hours, that's free.

Now sure, after 12 months, it won't be free anymore. But hey. 12 months of free anything is awesome after it, it will be around $10 a month to run that server in the cloud.

That's still pretty competitive with any other option you might find anyways, that's about it. Let me know what you think VPN server in the AWS cloud. I think it's pretty cool. You can do this in other cloud providers as well, but I'm kind of partial to AWS right now. So, uh, try it out.

Let me know what you think. And I will catch you guys later.

Transcript for:Setting Up Free VPN on AWS

Transcript for:
Setting Up Free VPN on AWS