Configuring OpenVPN on a Micro AWS instance

The results are in: running OpenVPN on an AWS Micro instance works flawlessly, with the one exception that Apple does not have support for OpenVPN, only L2TP, PPTP, and IPsec, unless you jailbreak your phone.

OpenVPN on Micro AWS Instance

I had planned on writing instructions on how to set up AWS on a free Micro instance, but a very nice set of instructions already exists here (run the commands under the root account; sudo will only cause problems).

Micro instances on AWS are free up to 750 hours (that’s 24/7) and 15GB of bandwidth (across all AWS services). If you wanted, you could create a cron job to shut down the instance and then turn it on when you needed it (via a nice app on your smartphone) to preserve your micro instance hours.

Also, make sure you open the right ports on the Ubuntu AMI (TCP 443, TCP 943, UDP 1194), and of course don’t forget SSH 22 so you can access your server.

Straight from OpenVPN

Long answer: By default OpenVPN Access Server has 2 OpenVPN daemons running. One of them on UDP port 1194 and another on TCP 443. We recommend that you use the UDP port because this functions better for an OpenVPN tunnel. However, many public locations block all sorts of ports except very common ones like http, https, ftp, pop3, and so on. Therefore we also have TCP 443 as an option. TCP port 443 is the default port for https:// (SSL) traffic and so this is usually allowed through at the user’s location.

TCP port 943 is the port where the web server interface is listening by default. You can either approach this directly using a URL like https://yourserverhostnamehere:943/ or by approaching it through the standard https:// port TCP 443, since the OpenVPN daemon will automatically internally route browser traffic to TCP 943 by default. (https://yourserverhostnamehere/).
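To confirm that the instance's security group opens exactly the ports listed above, the following added example (not part of the original post or of OpenVPN's documentation) audits one security group in the JSON shape returned by `aws ec2 describe-security-groups`. The sample group, the `sg-EXAMPLE` id and the rule that flags SSH reachable from any address are assumptions made for this example.

```python
# Ports the post says to open, as (protocol, port) pairs.
REQUIRED = {("tcp", 443), ("tcp", 943), ("udp", 1194), ("tcp", 22)}
WORLD = {"0.0.0.0/0", "::/0"}

def rules(group):
    """Yield (proto, low, high, cidr) for every source range in every ingress rule."""
    for perm in group.get("IpPermissions", []):
        proto = perm["IpProtocol"]
        if proto == "-1":  # AWS shorthand for all protocols and all ports
            proto, low, high = "all", 0, 65535
        else:
            low, high = perm.get("FromPort", 0), perm.get("ToPort", 65535)
        sources = [r["CidrIp"] for r in perm.get("IpRanges", [])]
        sources += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
        for cidr in sources:
            yield proto, low, high, cidr

def audit(group):
    """Return a list of (kind, detail) findings for one security group."""
    findings, seen = [], set()
    for proto, low, high, cidr in rules(group):
        covered = {(p, n) for p, n in REQUIRED if proto in (p, "all") and low <= n <= high}
        seen |= covered
        if high - low + 1 > len(covered):  # rule exposes ports the post never asked for
            findings.append(("extra-ports", f"{proto} {low}-{high} from {cidr}"))
        if ("tcp", 22) in covered and cidr in WORLD:
            # Assumption of this example, not a rule from the post.
            findings.append(("ssh-open-to-world", f"tcp 22 from {cidr}"))
    for p, n in sorted(REQUIRED - seen):
        findings.append(("missing", f"{p} {n}"))
    return findings

def rule(proto, port_from, port_to, cidr):
    """Build one ingress rule in the describe-security-groups shape."""
    return {"IpProtocol": proto, "FromPort": port_from, "ToPort": port_to,
            "IpRanges": [{"CidrIp": cidr}]}

# Constructed sample: UDP 1194 forgotten, a stray port range, SSH open to everyone.
SAMPLE = {"GroupId": "sg-EXAMPLE", "IpPermissions": [
    rule("tcp", 443, 443, "0.0.0.0/0"), rule("tcp", 943, 943, "0.0.0.0/0"),
    rule("tcp", 22, 22, "0.0.0.0/0"), rule("tcp", 8000, 8100, "0.0.0.0/0")]}

if __name__ == "__main__":
    for kind, detail in audit(SAMPLE):
        print(f"{SAMPLE['GroupId']}: {kind}: {detail}")
```
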

The only thing I would recommend is setting a root password and changing to root before following the guide above.

sudo passwd root

Set a root password when prompted and then change to the root account before beginning.


Enter the newly created root password when prompted. The reason I suggest this is that you cannot run ./vars without root access and sudo ./vars will fail; change to root and save the trouble.

