Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Create a VPN on EC2 in 30 seconds
#!/bin/sh
# linux firewall/forwarding
modprobe iptable_nat
echo 1 | tee /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -s 10.10.10.1/2 -o eth0 -j MASQUERADE
# install openvpn
apt-get update && apt-get install -y openvpn
cd /etc/openvpn/
INSTANCE=$(curl http://169.254.169.254/latest/meta-data/public-hostname)
openvpn --genkey --secret ${INSTANCE}.key
cat > openvpn.conf <<OPENVPN
dev tun1
ifconfig 10.10.10.1 10.10.10.2
port 443
proto tcp-server
secret ${INSTANCE}.key
OPENVPN
service openvpn restart
# create a client.zip (for use with tunnelblick or any openvpn clients)
cd /etc/openvpn/
cat > ${INSTANCE}.conf <<OPENVPN
dev tun
dhcp-option DNS 8.8.8.8
ifconfig 10.10.10.2 10.10.10.1
port 443
proto tcp-client
redirect-gateway def1
remote ${INSTANCE}
secret ${INSTANCE}.key
OPENVPN
apt-get install -y zip
zip client.zip ${INSTANCE}.conf ${INSTANCE}.key
# scp /etc/openvpn/client.zip to your machine for use
# imports straight into tunnelblick on a mac
@lucaspiller

This comment has been minimized.

Copy link

@lucaspiller lucaspiller commented Aug 28, 2013

The URL used for the INSTANCE variable doesn't work for me, but I'm assuming it returns the same as http://ifconfig.me/host.

@rayrod2030

This comment has been minimized.

Copy link

@rayrod2030 rayrod2030 commented Aug 29, 2013

@lucaspiller That URL only works from within EC2.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment