How to set up a Self-Hosted OpenVPN Server on Linux and AWS ?


Credits and Acknowledgments

This guide uses the OpenVPN installation script created by Angristan. The script is an enhanced fork of the original work by Nyr, with improved security features and broader OS support. The project is maintained by the open-source community and is available under the MIT License.


System Compatibility

Supported Linux Distributions

The Installation script supports the latest major Linux distributions, ensuring compatibility with both stable releases and Long-Term Support (LTS) versions. Here is a detailed list:

  • ✅ Ubuntu: 24.10 (Oracular Oriole), 24.04 LTS (Noble Numbat), 22.04.5 LTS (Jammy Jellyfish), 18.04.6 LTS (Bionic Beaver)
  • ✅ Debian: 12 (Bookworm), 11 (Bullseye), 10 (Buster)
  • ✅ AlmaLinux: 9.x, 8.x (all major versions)
  • ✅ Rocky Linux: 9.x, 8.x (continuing CentOS tradition)
  • ✅ CentOS Stream: 9, 8
  • ✅ Fedora: 39, 38, 37, 35 (latest four releases)
  • ✅ Arch Linux: (Rolling release, always up-to-date)
  • ✅ Oracle Linux: 9, 8
  • ✅ Amazon Linux: Amazon Linux 2023, Amazon Linux 2

Note: For this guide, we’ll be using Ubuntu 24.04 LTS as our server OS.


Feature Comparison: Self-Hosted vs. Commercial VPN Solutions

Feature Our Self-Hosted Solution Commercial VPN (Avg. $10/month)
Monthly Cost As low as $5 $8-$15
Setup Time 18-20 minutes 5 minutes
Users Unlimited 5-10 devices
Bandwidth Unlimited Unlimited
Server Locations Single location Multiple locations
Speed Full server bandwidth Shared bandwidth
Privacy Complete control Provider-dependent
Encryption Customizable Pre-configured
Server Control Full access None
IP Address Dedicated Shared
Technical Skills Required Basic Linux knowledge None
Maintenance Required Yes No

Why Choose Self-Hosted OpenVPN?

Advantages

Cost-Effective

Only pay for server hosting, no per-user licenses, and scalable as needed.

Complete Control

Full server management, custom security settings, flexible configuration, and no third-party involvement.

Privacy

No logging unless configured, personal dedicated IP, self-managed encryption, and no shared infrastructure.

Performance

Dedicated bandwidth, customizable server specs, no overcrowded servers, and direct access management.

Considerations

Technical Requirements

Requires basic Linux knowledge, server management skills, security awareness, and troubleshooting abilities.

Maintenance

Needs regular updates, security monitoring, performance tuning, and backup management.

Perfect For

Small businesses, tech enthusiasts, privacy-conscious users, development teams, educational institutions, remote workers, and self-hosted service users.


Introduction

This comprehensive guide will walk you through setting up your own OpenVPN server on AWS, from creating your AWS account to connecting your first client. We’ll focus on security best practices and provide clear, step-by-step instructions.

Time and Cost Estimates

  • Setup Time: 18-20 minutes
  • AWS Free Tier Eligible: Yes
  • Monthly Cost (after free tier): ~$5

Prerequisites

  • A computer with internet access
  • A credit/debit card for AWS registration
  • Basic command line knowledge
  • Windows PC for client setup

Part 1: AWS Account Setup

Creating Your AWS Account

  1. Visit AWS Console
  2. Click “Create an AWS Account”
  3. Provide your email and account name
  4. Complete the verification process
  5. Add payment information
  6. Verify your identity via phone
  7. Select Basic Support Plan (Free)

SCREENSHOT: AWS Sign-In Page

Security Best Practice: Enable MFA
(Click here for a step-by-step guide to enabling MFA)

  1. Go to IAM Dashboard
  2. Select “Security credentials”
  3. Enable MFA for root user

SCREENSHOT: MFA Input


Part 2: Creating EC2 Instance

Launch EC2 Instance

  1. Navigate to EC2 Dashboard
  2. Click “Launch Instance”
  3. Configure instance:
    • Name: “whizzygeeks-openVPN-server”
    • OS: Ubuntu Server 24.04 LTS
    • Instance type: t2.micro
    • Create new key pair:
      • Name: “openvpn-key”
      • Type: RSA
      • Format: .pem
    • Note: For a production setup, it’s recommended to use a static IP for your EC2 instance. However, for this demo, we are proceeding without a static IP assignment.

SCREENSHOT: EC2 launch wizard

Security Group Configuration

Create a security group with these rules:

Inbound Rules:
- SSH (22): Your IP (Recommended)
- HTTPS (443): opneVPN will be accessible over port 443 (More Secure)

Outbound Rules:
- All Traffic: 0.0.0.0/0

SCREENSHOT: Security group settings


First let’s Learn how to SSH into an EC2 Ubuntu Server

Access your EC2 Ubuntu server using two methods:

Method 1: EC2 Instance Connect

  1. Go to the AWS EC2 Console, select your instance, and click Connect.
  2. Under EC2 Instance Connect, click Connect to open a browser-based terminal.

    No SSH client needed—ideal for quick access!

Method 2: SSH via Terminal with .pem Key

  1. Open your terminal and navigate to where your .pem file is stored, for example:
  2. Connect using this SSH command, replacing <public-ip> with your instance’s IP address:
    ssh -i "OpenVPN-key.pem" ubuntu@<public-ip>

  3. If prompted, type “yes” to accept the connection.

Installing OpenVPN

sudo apt update && sudo apt upgrade -y
curl -O https://raw.githubusercontent.com/angristan/openvpn-install/master/openvpn-install.sh
chmod +x openvpn-install.sh
sudo ./openvpn-install.sh

SCREENSHOT: Installation process

Installation Options

You’ll be prompted to choose:

  • IPv4 address: Choose the public IP
  • Port: 1194 (default) But we will opt for port 443
  • Protocol: UDP (recommended) But we will opt for TCP as it will be more secure.
  • DNS: Choose based on your needs:
    • 1: Current system resolvers
    • 2: Google
    • 3: Cloudflare
    • 4: OpenDNS
    • 5: Quad9
    • 6: AdGuard
  • Client name: Choose a name for your first client

SCREENSHOT: Configuration options



Part 3: Client Management

Adding New Clients

sudo ./openvpn-install.sh
# Select Option 1

Revoking Client Access

sudo ./openvpn-install.sh
# Select Option 2

Uninstalling OpenVPN

sudo ./openvpn-install.sh
# Select Option 3

SCREENSHOT: Management menu


Part 4: Windows Client Setup

Installing OpenVPN Connect

    1. Download OpenVPN Connect from openvpn.net for windows click here for mac click here
    2. Step 2: Obtain the OVPN Configuration File

    3. On the server where OpenVPN is installed, locate the .ovpn configuration file (you can view it by running cat <filename> or opening it with vi <filename>

    4. Copy the contents of this file and save it in a text editor, like Notepad, with a .ovpn extension.

    5. Run installer

    6. Launch OpenVPN Connect

    7. Import .ovpn file

    8. Connect to VPN

SCREENSHOT: OpenVPN Connect interface


Part 5: Monitoring and Maintenance

Checking Service Status

sudo systemctl status openvpn@server

Viewing Logs

sudo tail -f /var/log/openvpn/openvpn.log

Regular Maintenance

sudo apt update
sudo apt upgrade
sudo systemctl restart openvpn@server

Troubleshooting Common Issues

Connection Issues

  • Can’t Connect:
    • Check EC2 security groups
    • Verify port 443 is open
    • Ensure .ovpn file is correct
  • Slow Speeds:
    • Try different EC2 regions
    • Check instance type limitations
    • Test both UDP and TCP
  • Frequent Disconnects:
    • Check instance health
    • Review OpenVPN logs
    • Verify network stability

Security Best Practices

  • Keep your .pem key secure
  • Regularly update server packages
  • Monitor server logs
  • Use strong client passwords
  • Implement 2FA where possible
  • Regular backup of configurations

Conclusion

You now have a secure, personal VPN server running on AWS. Remember to regularly maintain and update your server, monitor for unusual activity, and keep your client configurations secure.


 

Need Cloud, Devops, Linux or IT support ?

Fill in the requirement form or Drop us an email on [email protected]

Expert IT Consultation

Schedule a discussion with our IT specialists. Whether it's system upgrades, security, or digital transformation, our experts can help you navigate the IT landscape successfully.

Related

Signs Your Website Needs an SEO Audit!

The success of your website relies on SEO, which...

What are Managed Cloud Services?

Cloud computing has revolutionized business operations by offering flexibility...

Unlocking Business Value with DevOps’s ROI for SMBs & Enterprises

DevOps: A Game-Changer for Businesses Big and Small Organizations should...

The Significance of Cyber Security in the Current Digital World

After shopping for years, you're left wondering if your...

AWS Cost Optimization: Tools and Tips for Maximum Savings

Managing costs efficiently in AWS is crucial for businesses...