VPN server on EC2 instance

The easiest way to set up a VPN server on an Amazon EC2 instance.

We need a pptpd daemon – POPTOP is our choice. Let’s pull it and install it:

wget http://poptop.sourceforge.net/yum/stable/rhel6/x86_64/pptpd-1.4.0-1.el6.x86_64.rpm
sudo yum localinstall pptpd-1.4.0-1.el6.x86_64.rpm

We have to set up the IP pool to use for our VPN clients:

sudo nano /etc/pptpd.conf
localip 192.168.0.1
remoteip 192.168.0.234-238,192.168.0.2

Also, in the same file, you have to comment out the

logwtmp

line.

We also have to enable DNS servers. We are going to use Google's – you are free to use any other open servers, or your provider's DNS settings.

sudo nano /etc/ppp/options.pptpd

ms-dns    8.8.8.8
ms-dns    8.8.4.4

We need to set up users:
sudo nano /etc/ppp/chap-secrets

slav pptpd password *

Obviously, slav is our username, and password is our unique password.

Let’s enable IP forwarding:

sudo nano /etc/sysctl.conf

net.ipv4.ip_forward = 1

sudo /sbin/sysctl -p

And enable MASQUERADE in iptables:

sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

To make the change permanent, we have to add this line to the /etc/rc.local file:
sudo nano /etc/rc.local

Let’s start pptpd:
sudo service pptpd start
and make it start on every boot:
sudo chkconfig pptpd on

The final step is to open the ports on the firewall:

![](images/2014/07/rules.png)
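
As an added example (not part of the original post), the script below checks the files edited in the steps above without changing them: the pool and `logwtmp` lines in pptpd.conf, the permissions and sample secret in chap-secrets, IP forwarding in sysctl.conf, and the MASQUERADE line in rc.local. The function names, the layout `audit` expects (copies of the four files in one directory) and the mode 600 expectation for chap-secrets are assumptions of this example; the sample files are constructed from the post's values.

```bash
#!/bin/bash
# Added example: read-only checks for the files this post edits.
# audit DIR expects copies named pptpd.conf, chap-secrets, sysctl.conf, rc.local.

check_pptpd_conf() {   # address pool defined, logwtmp commented out
    local rc=0
    grep -Eq '^[[:space:]]*localip[[:space:]]+[0-9]'  "$1" || { echo "FAIL localip missing";  rc=1; }
    grep -Eq '^[[:space:]]*remoteip[[:space:]]+[0-9]' "$1" || { echo "FAIL remoteip missing"; rc=1; }
    if grep -Eq '^[[:space:]]*logwtmp' "$1"; then echo "FAIL logwtmp still active"; rc=1; fi
    return $rc
}

check_chap_secrets() { # clear-text secrets: owner-only mode (assumed 600), no sample password
    local rc=0 mode
    mode=$(stat -c '%a' "$1")   # GNU stat
    [ "$mode" = 600 ] || { echo "FAIL chap-secrets mode $mode, want 600"; rc=1; }
    if awk '$1 !~ /^#/ && $3 == "password" { hit = 1 } END { exit !hit }' "$1"; then
        echo "FAIL sample secret 'password' still in use"; rc=1
    fi
    return $rc
}

check_forwarding() {   # sysctl.conf keeps forwarding on across reboots
    grep -Eq '^[[:space:]]*net\.ipv4\.ip_forward[[:space:]]*=[[:space:]]*1[[:space:]]*$' "$1" \
        || { echo "FAIL net.ipv4.ip_forward is not 1"; return 1; }
}

check_rc_local() {     # MASQUERADE rule is re-added at boot
    grep -Eq '^[[:space:]]*(sudo[[:space:]]+)?(/sbin/)?iptables .*-t nat .*POSTROUTING .*-j MASQUERADE' "$1" \
        || { echo "FAIL MASQUERADE rule not in rc.local"; return 1; }
}

audit() {              # return status is the number of failed checks
    local d=$1 fails=0
    check_pptpd_conf   "$d/pptpd.conf"   || fails=$((fails + 1))
    check_chap_secrets "$d/chap-secrets" || fails=$((fails + 1))
    check_forwarding   "$d/sysctl.conf"  || fails=$((fails + 1))
    check_rc_local     "$d/rc.local"     || fails=$((fails + 1))
    return $fails
}

# Constructed sample mirroring the post's values (chap-secrets left world-readable).
demo=$(mktemp -d)
printf 'localip 192.168.0.1\nremoteip 192.168.0.234-238,192.168.0.2\n#logwtmp\n' > "$demo/pptpd.conf"
printf 'slav pptpd password *\n' > "$demo/chap-secrets"; chmod 644 "$demo/chap-secrets"
printf 'net.ipv4.ip_forward = 1\n' > "$demo/sysctl.conf"
printf 'iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE\n' > "$demo/rc.local"
n=0; audit "$demo" || n=$?; echo "failed checks: $n"
rm -rf "$demo"
```

On the server itself, copy the four files from /etc and /etc/ppp into a scratch directory with `cp -p` (as root) so the permission check sees the real mode, then run `audit` on that directory.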