Deploying a VPN server in AWS using OpenVPN

 What is VPN?

What is VPN, its types and how it works - Airtel

VPN in other words Virtual Private Network, is a technology that provides a secure and private connection over the internet, allowing the users to access the internet as if they are connected to a private network. VPNs are commonly used for various purposes, which including:

  1. Security: VPNs encrypt the data transmitted between your device and a remote server, making it difficult for third parties, such as hackers or government agencies, to intercept and view your online activities. This is particularly important when using public Wi-Fi networks, which are often less secure.
  2. Privacy: VPNs hide your real IP address and location by routing your internet traffic through a server in a different location. This helps protect your online privacy and anonymity, making it harder for websites and online services to track your online behavior.
  3. Bypassing Geographical Restrictions: Some content and websites are restricted or geo-blocked in certain regions. By connecting to a VPN server in a different location, you can access content and services that might otherwise be unavailable in your location.
  4. Anonymity and Torrenting: Some users utilize VPNs to engage in peer-to-peer file sharing or torrenting while maintaining their anonymity, as well as to access torrent sites that might be blocked in their region.

Configuration of VPN using AWS

For deploying a VPN server in AWS launch an EC2 instance and select “Browse more AMIs” as shown below.

AWS deploying instance

Go to AWS Marketplace AMIs and search for OpenVPN, select OpenVPN Access Server.

AWS Marketplace AMIs

Continue with other configuration and select a key pair or generate a new key as per your requirements and the launch instance.
Once the server is deployed and running click on connect and go to ssh section to connect to the machine use the command given in AWS to connect.

connecting using ssh

You can see in the above screenshot, I was not able to connect using root, so connected as “openvpnas” user as shown.

After connecting successfully agree to the agreement, type yes and Enter.

Agreement

Leave the configurations to default or see change as per the requirements, set a password for openvpn profile(you can change the user name also while configuration).

Once the configuration is successfully completed we can see Admin UI and Client UI URL been given.

Copy the admin UI address and open in the web browser, below shown page will be loaded.
Login with Username as openvpn(if changed use the username provided while configuration) and password that you have gave while configuration in the above step.

Admin UI

In the next window click and “Agree” to continue with the process.
After successful login the below pages appears.

Under VPN settings Change Routing and DNS Settings as shown below, save the settings.

VPN Setting

In Advanced VPN Setting turn on if you need Inter-Clinet Communication.

Advance VPN Settings

Now copy the Client UI address and access it, below page will appear use the same credentials to login.

Client UI

After login below page appears select type and install OpenVPN application to continue.

Installation page

Once the application is downloaded, install the application.
After successful installation of the application open the application, a below screen will be displayed.

OpenVPN Connect

You will have a bundled VPN profile installed when installed connect to the VPN profile, a password will requested enter the configured password.

Authentication

On successful connection below screen will be displayed.

VPN Connection

To check if the VPN Server is running let’s perform a IP leaks test and DNS leaks test with VPN on and off.
IP Leak with VPN

IP leaks with VPN

DNS Leak with VPN

DNS leaks with VPN

IP Leak without VPN

IP leaks without VPN
DNS leak without VPN

It is clear that our VPN server is working, as it is able to prevent IP leaks and DNS leaks.
In admin site In the status section we can find Current Users and Log Reports.

Current Users

Similarly, you can check for the logs of connected users.

Subscribe to our YouTube channel. https://www.youtube.com/@CyberToolGuardian/featured

Follow us on Instagram.
https://instagram.com/cybertoolguardian

Comments

Post a Comment

Popular posts from this blog

Zeek Installation in Ubuntu

Image
What is Zeek? An open-source protocol analyzer and network security monitoring tool, Zeek was once known as Bro. It is intended to assist enterprises with real-time network traffic monitoring and analysis, offering information on network activity, potential security risks, and performance concerns. Due to its effectiveness in swiftly capturing and processing network data, Zeek is especially well-liked among cybersecurity experts and network managers. How to install Zeek in Ubuntu? Update and upgrade the Ubuntu using apt. sudo apt-get update sudo apt-get upgrade Download the Zeek source code from the official website ( https://zeek.org/get-zeek/ ). Zeek offical download page Install dependencies using the below command. sudo apt-get install cmake make gcc g++ flex bison libpcap-dev libssl-dev python3-dev swig zlib1g-dev Dependencies installation Once all the dependencies are installed change the directory to the path where the Zeek source code file is downloaded and unzip the file. cd D...
Read more

What is ELK and Installing ELK stack (elasticsearch, logstash, kibana) in Ubuntu

Image
   What is ELK Stack The ELK stack is a collection of three open-source tools — Elasticsearch, Logstash, and Kibana — that work together to collect, store, and analyze data. Here is how each tool works: Elasticsearch : Elasticsearch is a search and analytics engine that provides a distributed, real-time search and analytics platform. It stores data in a distributed index, which allows for fast, real-time search and analysis of data. Elasticsearch is highly scalable, and it can handle a large volume of data with ease. Logstash : Logstash is a data pipeline that collects, filters, and transforms data from different sources before sending it to Elasticsearch. It can collect data from different sources such as log files, databases, and message queues. Logstash can also perform data transformation and filtering to ensure that only the relevant data is sent to Elasticsearch. Kibana : Kibana is a data visualization tool that allows users to create dashboards, visualizations, and repo...
Read more

Sending Zeek logs to ELK using Filebeats

Image
Before sending logs we must modify local.zeek file and add the below line at the end of the file. @load policy/tuning/json-logs.zeek Use the find command to find local.zeek file. find / -name local.zeek local.zeek path Now copy the path and edit the file using nano and add the line. local.zeek Save and exit from editor, now check the configuration of zeekctl sudo zeekctl check zeekctl check Once the you get zeek scripts are ok, deploy zeekctl sudo zeekctl deploy zeekctl deploy Go to the zeek logs path directory which is /usr/local/zeek/logs/current. Check if logs are generated properly. logs Go to Kibana dashboard head over to integration section and search for zeek, in the integration page on bottom right go to “Also available in Beats”. You will be redirected to Filebeats Zeek integration page. Copy the commands from the Step1 and open new terminal window and run the commands. Which will download and extract the filebeats. Now edit the filebeat.yml file, change the paths to the zeek ...
Read more