AWS OpenVPN Server

This repository contains the code to allow the deployment of your own VPN Access Server in AWS. This code uses Sceptre to deploy AWS CloudFormation templates so this means you will need an AWS account and Sceptre installed on your machine.

Setup

AWS

• Create AWS account
• Create IAM user with programmatic access & save the access keys
• Create EC2 Key Pair
• Change permissons of the private key

  chmod 400 my-key-pair.pem
  

• Install AWS CLI to your machine
• Configure AWS CLI
• Share EC2 key pair with other regions by running region_share_key script

  bash region_share_key.sh path/to/pem_key.pem
  

Sceptre

• Install python & pip if you don't have it installed already

• Install virtualenv

  pip install virtualenv
  

• Install virtualenvwrapper

  pip install virtualenvwrapper
  export WORKON_HOME=~/Envs
  source /usr/local/bin/virtualenvwrapper.sh
  

• Create the sceptre virtualenv

  mkvirtualenv sceptre
  

• Select the sceptre virtualenv to work on

  workon sceptre
  

  Note: You will need to workon sceptre every time you want to use Sceptre

• Install Sceptre

  pip install sceptre
  

Usage

• Set the owner_name and owner_email values in config/vpn/network.yaml which will be used to tag the resources
• Set the vpn_admin_user and vpn_admin_pw values in config/vpn/openvpn.yaml which you will use to log in to the VPN
• Set the key_pair value in config/vpn/openvpn.yaml to the name of the key pair you created earlier
• Edit the region value in config/vpn/config.yaml and config/vpn/openvpn.yaml to the region you want to launch in
• Launch the environment using Sceptre

  sceptre launch-env vpn
  

• Connect to the VPN
  • Navigate to the EC2 console of the region you just launched the OpenVPN Access Server in.
  • Select the OpenVPN instance and copy its public IP address.
  • Follow these instructions to learn how to connect to the VPN