![](https://hackernoon.com/hn-images/1*CXNQW2ZhXOKhjBHMqxPT0A.jpeg)

Being able to access **AWS** resources directly in secure way can be very useful. To achieve this you can:

*   Setup a dedicated connection with **AWS Direct Connect**
*   Use a **Network Appliance**
*   Use a **Software Defined Private Network** like **OpenVPN**

In this post, I will walk you through how to create an **OpenVPN** server on AWS, to connect securely to your VPC, Private Network resources and applications from any device anywhere.

To get started, sign in to your **AWS Management Console** and launch an **EC2 instance** from the **OpenVPN Access Server AWS Marketplace** offering:

![](https://hackernoon.com/hn-images/0*RxIGQWMzZ4CddqT0.)

For demo purpose, choose _t2.micro:_

![](https://hackernoon.com/hn-images/0*wPgYMoC0t73N4aoY.)

Use the default settings with the exception of “**Enable termination protection**” as we dont want our **VPN** being terminated on accident:

![](https://hackernoon.com/hn-images/0*x3v8Khtz7PCZ8f3H.)

Assign a new **Security Group** as below:

![](https://hackernoon.com/hn-images/0*LsR4IAfGXXfuIBcV.)

*   **TCP — 22** : Remote access to the instance.
*   **TCP — 443** : HTTPS, this is the interface used by users to log on to the VPN server and retrieve their keying and installation information.
*   **TCP — 943** : OpenVPN Admin Web Dashboard.
*   **UDP — 1194** : OpenVPN UDP Port.

To ensure our VPN instance Public IP address doesnt change if it’s stopped, assign to it an **Elastic IP**:

![](https://hackernoon.com/hn-images/0*tjptbp-B9P0YO2Tw.)

For simplicity, I added an **A** record in **Route 53** which points to the instance **Elastic IP**:

![](https://hackernoon.com/hn-images/0*gyYVtEyL0GdB3Goz.)

Once the **AMI** is successfully launched, you will need to connect to the server via **SSH** using the **DNS** record:

> ssh [openvpnas@openvpn.slowcoder.com](mailto:openvpnas@openvpn.slowcoder.com) -i /path/to/key.pem

On first time connecting, you will be prompted and asked to setup the OpenVPN server:

![](https://hackernoon.com/hn-images/0*UaM_RebtMcLorGPS.)

Setup a new password for the _openvpn_ admin user:

> sudo passwd openvpn

Point your browser to [https://openvpn.slowcoder.com](https://openvpn.slowcoder.com/), and login using _openvpn_ credentials

![](https://hackernoon.com/hn-images/0*8lAgBisfmqFeOGN4.)

Download the **OpenVPN Connect Client**, after your installation is complete, click on “**Import**” then “**From server**” :

![](https://hackernoon.com/hn-images/0*8gJhBE7WkluqbUL1.)

Then, type the **OpenVN DNS** name:

![](https://hackernoon.com/hn-images/0*7cYXugAKr1dXH4hE.)

Enter your _openvpn_ as the username and enter the same password as before and click on “**connect**“:

![](https://hackernoon.com/hn-images/0*aoo23Jib_en5KKVg.)

After you are connected, you should see a green check mark:

![](https://hackernoon.com/hn-images/0*6m-T7uNOkOZPV9nF.)

To verify the client is connected, login to **OpenVPN Admin Dashboard** on [https://openvpn.slowcoder.com/admin](https://openvpn.slowcoder.com/admin) :

![](https://hackernoon.com/hn-images/0*X3JvgFjbZcg30GUp.)

Finally, create a simple web server instance in a private subnet to verify the VPN is working:

![](https://hackernoon.com/hn-images/0*xwkYZU_j3PIkzKSY.)

If you point your browser to the webserver private address, you should see a simple HTML page:

![](https://hackernoon.com/hn-images/0*uNaD3HvXcuz4576Y.)

AWS OpenVPN Access Server

Too Long; Didn't Read

@mlabouardy

RELATED STORIES