Create a Personal VPN Server with Amazon EC2 Cloud

Today I'm going to show you how to create your own personal VPN server using Amazon's AWS cloud. This is an update to a tutorial that I had already done, but the process has actually gotten a little bit easier, and on top of that I noticed when I went back and watched the original video that the audio quality was not very good, among other things, so it just kind of made sense to go ahead and redo that tutorial.

The first thing you'll need to do is sign up for Amazon's AWS, Amazon Web Services. You go to aws.amazon.com. If you've already got an amazon.com account you can use the same credentials, but you will have to click through a few pages of terms and conditions before you actually have AWS enabled on your account. Once you've done that, you come up here to My Account / Console and then click AWS Management Console, and if you're not already signed in, that will bring you directly to the sign-in page. Sign in using their server, and then you have this page, which is all of the various cloud services that Amazon offers. The one that we're interested in is over here under Compute & Networking: EC2. That stands for Elastic Compute Cloud, and it is Amazon's virtual server offering.

Once we're on the EC2 dashboard, what we're going to do is click this large Launch Instance button. When you click that you'll see this page come up, and we're going to leave that on Classic Wizard and click Continue. Now, under Quick Start they have a bunch of different server software options, and each of these is an AMI, or Amazon Machine Image. The one we're going to use is Ubuntu Server 12.04.1 LTS. We're going to leave it at 64-bit. LTS, all that means is long-term support, and these releases have often been just a little more stable than the other releases.

On the next page the only thing you're going to do is come up here and make sure that this is set to T1 Micro. If you're eligible for the free tier, you'll actually be able to run this instance at no charge for up to a year. After that you will be charged the rate for the T1 Micro for the number of hours that you have the server running during any given month. Once you've done that you'll click Continue. On this page we're not actually going to do anything, but we need to wait for these two options to load, and once they're loaded we'll go ahead and click Continue. Okay, so now that they're loaded, we're going to leave those at the default and click Continue. We're not going to change anything here; click Continue.

Now we're going to create a value for Name, and all this does is describe your server, so that you know what it is. As you create more servers in the future, this will help you identify what this particular instance is actually for.

After you've done that, we're going to need to create a key pair. Now, as you'll see, I actually have some key pairs created, but I'll go ahead and create a new one so you can see how this is done. We're going to go ahead and give it a name, in this case I'll use vpn-demo, and we're going to create and download the key pair. Usually what I do is I have a folder in my home folder called keys, so what I'll do is go ahead and take that from the Downloads folder and just drag it into keys so that I know where it is, and we're going to close that for now.

The next thing we need to do is create a security group, and this just gives some basic firewall settings. We're going to call this VPN demo, and you have to have a description, so we're going to call it VPN demo as well. For now, the easiest way to go ahead and get this up and running immediately is just to add all TCP, all UDP, and then all ICMP as well. If you're going to be using this for an extended period of time, you can come back later and lock this down so that only the ports you're actually using are open. Click Continue, and then if everything looks good here on this review page we'll go ahead and click Launch and then Close.

Go over here. It still says zero running, it hasn't refreshed yet, but we'll go ahead and click it, and then you will see I had some instances earlier where I was just going through this process myself before making the video, and then you'll see the one that's actually being created now. Go ahead and refresh and you'll see that the new instance is now running. Click it, and that brings up all the details, which we're going to need at various stages throughout this process.

So with this checkbox checked, before we move on, we're actually going to go ahead and open up Terminal. This is where it's important to remember where you downloaded that key file, and we're going to have to change to that folder to make the rest of this process a little bit easier. To do that I'm just going to type cd and then my folder, it's keys, and if you hit ls you can see there are my keys. Before we can actually connect we need to change the permissions on the key file and make it so that it's read-only and it's only readable by my local machine. To do that we're going to type chmod 400 and then vpn-demo.pem, hit Enter, and then we'll hit ls -l, and that shows us the permissions. You can see that it only has one single r next to our vpn-demo key file.

With that done we can now go back to our browser, come up here and click Instance Actions, but make sure this is checked (it should still be checked), and then just click Instance Actions and we're going to Connect. Rather than use the Java SSH client, we're going to connect with a standalone SSH client. Again, for Macintosh users that is built into Terminal. If you're using Windows you're going to need a standalone SSH client like PuTTY, which is free, or you will need something else to actually be able to connect.

We're going to copy this line of code and come back, and it's important to still be in the folder where your key file is so that the path will be correct. We're going to paste this in, but before we can actually connect there is one thing that Amazon does not correct before giving you this command, and that is we need to change root to ubuntu. The way that this Ubuntu instance is set up, you cannot log in as the root user. Once you change that you can hit Enter to connect. It'll tell you that the authenticity cannot be verified; you're just going to go ahead and type yes and hit Enter, and that adds the key to your list of known hosts so that you can connect. You only have to do this the first time that you connect to the server. Wait for a second, it will establish your connection, and then you'll have your command prompt just like you would in a normal terminal, but you'll see that you're actually connected to the remote machine now.

So now it's time to actually install the server software that's going to run the VPN server. To do that we're going to type sudo, which lets you run the command as the root user, and then we are going to type apt-get install pptpd and hit Enter. It knows where to find the packages. It'll ask you to confirm: type y, hit Enter, and wait for it to install.

All right, now that it has finished installing, we have to go in and configure a number of different configuration files so that we can actually connect to and use this VPN server that we have just installed. Again, almost all of these commands are going to start with sudo and then pico, which is a file editor. The first file that we're going to edit is /etc/pptpd.conf. In this file we're going to go and uncomment two lines, the localip and the remoteip, and they are pretty far down in the file, you'll see. To uncomment them, you just erase this pound sign here from both of those lines, and then you can go ahead and delete the local IP, because we need to change that value. For what we need to put there, go back to our browser, close this connection window, and then scroll down, and what we want is the private IP of your Amazon server instance. Copy that, go back to our terminal and paste in that IP. Once you've done that you will hit Control-O and then hit Enter to actually write the changes, and then hit Control-X to get out of the file editor.

The next file, again with sudo pico, is /etc/ppp/pptpd-options, and what we're going to do in this file is set up our DNS servers. I'm going to use the OpenDNS servers. The best two options for this are probably either OpenDNS or Google's Public DNS. So what you're going to do is come down here under Network and Routing and uncomment the ms-dns lines, and then put in the new DNS server IPs. For OpenDNS that's 208.67.222.222 and 208.67.220.220. If you're going to use Google's Public DNS, I believe that's 8.8.8.8 and 8.8.4.4. Once you've put your DNS servers in there, again Control-O, Enter to save, and Control-X to exit out of your file editor.

The next file that we need to edit is, again, sudo pico for the editor, /etc/sysctl.conf (and I mistyped: sudo pico /etc/sysctl.conf). For this one we're going to come down to the line that says net.ipv4.ip_forward=1, and we're going to uncomment that to allow the forwarding that we're going to need to actually use this VPN server. Then again Control-O, Enter, Control-X.

The next file we can go ahead and edit is... well, actually, first we're going to go ahead and run an iptables command. The command for this is quite long; I've included it in the description to the video, so if you just scroll down there you can copy and paste. It is sudo iptables -t nat -A POSTROUTING -o eth0 (which is our network interface) -j MASQUERADE, and then hit Enter to actually run that. Then we're going to add that line to another file, which will be sudo pico /etc/rc.local, and we're going to add it right down here above the exit 0 line. So again that's iptables (you're not going to include the sudo this time) -t nat -A POSTROUTING -o eth0 -j MASQUERADE, and what this actually does is make sure that this setting is reapplied every time you restart your server. Again Control-O, Enter, and Control-X.

Then we have one more file that we need to edit, and that is to actually set up your user account. It's going to be sudo pico /etc/ppp/chap-secrets. We're going to scroll down to a new line, and then under client we're going to put the username that we want to use to log in; in this case I'll just use demo. Server is pptpd. Secret is the password that we're going to use, in this case demo-password. And IP addresses is the IP addresses that you want to be able to connect from, so we're going to use an asterisk so that we can connect to this server from anywhere that we are, because the primary place you're going to use a server like this is somewhere like an open hotspot, where you need to log in to something that is using a sensitive password and you don't want somebody else connected to that open Wi-Fi hotspot to be able to hijack your credentials. If you were to set an actual IP address in here, you would only be able to connect from that IP address, and your server wouldn't be of very much use to you. Once you've put in the details that you want to use, we're going to hit Control-O one more time, Enter to save, and Control-X to exit out.

Next we're going to restart the VPN server, and to do that we'll run /etc/init.d/pptpd and then restart. You'll see that the server is stopped and that it is restarted. The next thing we'll do is go ahead and reboot the whole instance, just so you have a fresh running machine with your configuration the way that you want it. To do that you can type sudo reboot and then execute the command. You'll see that you are almost immediately disconnected as the server goes down to reboot.

While that's rebooting we'll go ahead and set up our VPN connection details, and this will be in your VPN client. If you're running a Mac, as I am, this is built into your System Preferences; it's built into the OS. So I'm just going to go to System Preferences, Network, and if you don't have a VPN connection set up previously you'll come down here to this little plus button, click VPN, set the protocol to PPTP and then give it a name. I'm not actually going to create one because I've already got one created; I'm just going to add a new configuration. So once you've got it set up you'll click it, come over here, Add Configuration, and name this AWS VPN demo, and create it.

The first field here is the server address. To get that, come back to our console, scroll down to the Public DNS field on our instance, and copy this value, and then go back to System Preferences and paste it into Server Address. Account Name is whatever you set up as your login in the chap-secrets file. Just, this is maximum encryption, and click Authentication Settings, Password, type in your password, demo-password in this case, and click OK. Then you should be ready to connect. Go ahead and click Apply to apply the settings and then Connect. You'll see I have "Show VPN status in menu bar" checked, so you can actually control your connection directly from the menu and don't have to open preferences each time.

You see now that I am connected. One thing I did forget to mention, because I already have this selected, is that you do need to go under Advanced, and under Options you need to click "Send all traffic over VPN connection". Just back out of that now. You need to make sure that that is actually checked so that your Internet traffic will actually be funneled over the VPN that you set up.

If you want to test this, just to show yourself that it is actually working, you can open up your browser and go to whatismyip.com or any similar website, and you'll see that the IP address you're given is not your own personal IP address. Whatever connection you happen to be using, it will have changed to the IP address of the Amazon EC2 instance that your VPN server is actually running on.

And that is it for this tutorial. You can leave the connection details in there if you're going to leave your server running, and you'll be able to connect to it again without having to enter the details. If you have any questions about this tutorial, feel free to leave them in the comments, and if you have any suggestions for future tutorials, feel free to leave those in the comments as well.
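
The file edits described above, collected into one script as an added example (it is not code from the video or its description). The function names, the ROOT argument, the sample private IP used when testing and the constructed sample files are assumptions for illustration; the file paths, OpenDNS resolvers, iptables rule and demo credentials are the ones the tutorial uses.

```shell
#!/bin/sh
# Added example: apply the tutorial's edits under ROOT (a scratch copy or "").

# rewrite FILE AWK_ARGS...: filter FILE through awk and write the result back
rewrite() {
    f=$1; shift
    awk "$@" "$f" > "$f.new" && cat "$f.new" > "$f" && rm -f "$f.new"
}

apply_pptp_config() {   # usage: apply_pptp_config ROOT PRIVATE_IP USER PASS
    root=$1; ip=$2; user=$3; pass=$4
    nat='iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE'
    # pptpd.conf: enable only the FIRST localip/remoteip pair (a file may list
    # alternatives); the guard keeps a second run from enabling another pair.
    grep -q '^localip' "$root/etc/pptpd.conf" ||
        rewrite "$root/etc/pptpd.conf" -v ip="$ip" '
            !l && /^#localip/  { print "localip " ip; l = 1; next }
            !r && /^#remoteip/ { sub(/^#/, ""); r = 1 }
            { print }'
    # pptpd-options: the two commented ms-dns lines become the OpenDNS resolvers
    rewrite "$root/etc/ppp/pptpd-options" '
        /^#ms-dns/ && n < 2 { n++; print "ms-dns " (n == 1 ? "208.67.222.222" : "208.67.220.220"); next }
        { print }'
    # sysctl.conf: uncomment IPv4 forwarding (takes effect at the next boot)
    rewrite "$root/etc/sysctl.conf" '{ sub(/^#net\.ipv4\.ip_forward=1/, "net.ipv4.ip_forward=1"); print }'
    # rc.local: add the NAT rule once, above "exit 0", so it survives reboots
    grep -qF "$nat" "$root/etc/rc.local" ||
        rewrite "$root/etc/rc.local" -v nat="$nat" '
            /^exit 0/ && !d { print nat; d = 1 }
            { print }'
    # chap-secrets: client, server, secret, source IPs; plaintext, so owner-only
    secrets="$root/etc/ppp/chap-secrets"
    grep -q "^$user[[:space:]]" "$secrets" ||
        printf '%s pptpd %s *\n' "$user" "$pass" >> "$secrets"
    chmod 600 "$secrets"
}

# Constructed sample files mimicking the stock layout, for a dry run.
make_sample_root() {
    r=$(mktemp -d) && mkdir -p "$r/etc/ppp"
    printf '%s\n' '#localip 192.168.0.1' '#remoteip 192.168.0.234-238,192.168.0.245' \
        '# or' '#localip 192.168.0.234-238,192.168.0.245' \
        '#remoteip 192.168.1.234-238,192.168.1.245' > "$r/etc/pptpd.conf"
    printf '%s\n' 'name pptpd' '#ms-dns 10.0.0.1' '#ms-dns 10.0.0.2' > "$r/etc/ppp/pptpd-options"
    printf '%s\n' '#net.ipv4.ip_forward=1' > "$r/etc/sysctl.conf"
    printf '%s\n' '#!/bin/sh -e' 'exit 0' > "$r/etc/rc.local"
    printf '%s\n' '# client server secret IP addresses' > "$r/etc/ppp/chap-secrets"
    echo "$r"
}
```

When you come back to narrow the security group as the video suggests, PPTP needs inbound TCP port 1723 and GRE (IP protocol 47).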
