Configure OpenVPN Server To Access Private EC2 Instances

In this post, we’ll see how we can set up an OpenVPN server to connect to our private EC2 instances, running in different VPCs across regions.

Step 1: Create a VPC in region1 and region2(I used Oregon and Ireland). We’ll run our OpenVPN server in region 1 along with a private instance in each of these regions. Attach an Internet Gateway to the VPC in the region11.

Step 2: In region1, create a Public Subnet(for OpenVPN server) and a Private Subnet(for our private subnet).In region2, only create a private subnet.

Step 3: In region1, create a new route table named Public, which uses Internet Gateway to route traffic to 0.0.0.0/0. Attach it to our Public Subnet.

Step 4: Set up VPC peering between these 2 VPCs.

Step 5: Now follow https://www.1strategy.com/blog/2017/02/21/securely-connecting-to-your-aws-environment-using-openvpn-access-server/ to set up OpenVPN server in the region1. Also, set up OpenVPN client on your local machine following the steps given in the tutorial

Note: The AMI ID mentioned in the link may change. Just search for OpenVPN Access Server while launching the instance and use the latest one.

You may also launch a failure message like this.

Just go to the link given in the message and confirm your subscription. Then you can relaunch the instance.

Step 6: Once you are done with the OpenVPN server setup, launch a private EC2 instance in both the VPCs. Make sure the security groups of these instances allow SSH access from the VPC CIDR of the region1, where the OpenVPN server is running.

Step 7: Now login to OpenVPN with your admin credentials and go to VPN Settings. Here make sure NAT is enabled(refer to the screenshot below) and add the CIDR of VPC running in region 2(CIDR of regions1’s VPC will already be there).

Step 8: Connect to OpenVPN client with the credentials we specified during Step 5. Now try to ssh into both these instances and you should be able to do so.

That’s all. Now you can add additional users and grant them VPN access.

👋 Join us today !!

️Follow us on LinkedIn, Twitter, Facebook, and Instagram

https://avmconsulting.net/

If this post was helpful, please click the clap 👏 button below a few times to show your support! ⬇

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store