Project - Why pay for Expensive VPN services when you can configure one yourself with OpenVPN in AWS!
Configurable Sandbox Portfolio Project: Virtual Private Network (VPN) Service Configuration Using Open Source and AWS Free Tier
Project Overview
This portfolio project is designed to create an end-to-end, configurable sandbox for a Virtual Private Network (VPN) service. The solution leverages open-source software—specifically the OpenVPN Access Server—and the AWS Free Tier to provide a robust, secure, and scalable VPN service. This project will not only showcase technical proficiency in SDN/NFV and secure communication protocols but also address interoperability and cyber-resilience challenges that are critical in healthcare environments.
Author: S Ananda Theertan
Date: 11/3/2025 - 4:16PM IST.
Tools used -
1. AWS Free Tier Access (needs one active Credit Card to enable account)
- Amazon EC2 Instance (t2.micro) - Virtual server used to host the OpenVPN Access Server.
- AWS Management Console - Web interface to manage AWS services, including launching and configuring EC2 instances.
- OpenVPN Access Server AMI - A pre-configured Amazon Machine Image that installs and sets up the OpenVPN Access Server.
2. OpenVPN Desktop Client with Login Credentials - free
3. SSH Client (e.g., PuTTY, Terminal) - free
Used for secure command-line access to the EC2 instance during configuration.
4. Text Editor (e.g., Notepad++, Sublime Text) - free
5. GPT-4o mini for Debugging Code, Reasoning + Developing a Roadmap - available as Windows app. Web Browser - Fedora on Ubuntu/RHEL/GNU or any Linux Distro if private and open-source access required.
Project Objectives
- Deploy a VPN Service: Configure and launch an OpenVPN Access Server on an AWS EC2 instance.
- Demonstrate End-to-End Connectivity: From signing into the AWS Management Console to launching the instance, SSH access, server initialization, and end-user connection.
- Validate Configuration: Use built-in live troubleshooting tools (ping, traceroute) and validate the setup via the provided lab validation steps.
- Promote Cyber-Resilience: Emphasize secure networking fundamentals essential for healthcare settings, where a lack of interoperability between departmental ecosystems hampers cyber-resilience.
Lab Execution Steps
Task 1: AWS Management Console Sign-In
- Sign In: Access the AWS Management Console using your credentials.
- Region Setup: Set the default region to US East (N. Virginia).
Task 2: Launch an EC2 Instance
- Instance Configuration:
- Name the instance as MyVPNServer.
- Select the OpenVPN Access Server AMI.
- Choose a t2.micro instance type (free tier eligible).
- Key Pair Creation: Create and download a new key pair named MyVPNKey.
Task 3: SSH into the EC2 Instance
- Connection: Use SSH (username: root or openvpnas as appropriate) with the downloaded key to connect to your instance.
- Public IP: Retrieve the IPv4 Public IP of your instance for further configuration.
Task 4: Initialize the VPN Server
- Configuration Prompts: Follow the guided setup for the OpenVPN Access Server:
- Confirm ALL default settings by pressing Enter.
- Set up administrative credentials
- For example, username: OpenVPN, password can be: MyVPN!@#
- Configure the web UI and VPN daemon ports (defaults: 943 for Admin UI and 443 for OpenVPN).
- Decide on routing options (choose defaults where applicable).
Task 5: Connect to the VPN
- User Login: Access the VPN User Page via HTTPS using your instance’s public IP.
- VPN Connector: Download and install the VPN connector on your local machine, then connect using the configured credentials.
Task 6: Validation and Cleanup
- Validation: Run the lab’s validation tool to confirm the successful deployment.
- Resource Cleanup: Terminate the EC2 instance after validation to avoid unnecessary charges.
If the browser shows a certificate warning page instead (the server's certificate is self-signed at this stage), type thisisunsafe on the keyboard and the page will automatically reload.
When the OpenVPNConnector application is open, if you see the Onboarding Tour, just close it. It should not bother you again.
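An added example, not part of the original lab or of OpenVPN's tooling: a check to run alongside the Task 6 validation that audits the instance's security group against the ports this lab uses (22 for SSH, 943 for the Admin UI, 443 for the VPN daemon). The policy that SSH and the Admin UI should not be open to every source address is an assumption of this example, and the group ID and rules in the sample are constructed.

```python
import ipaddress
import json

# Ports named in this lab: SSH for Task 3, Admin UI and VPN daemon from Task 4.
# Assumed policy (not from the lab text): admin ports must not be world-open.
ADMIN_PORTS = {22: "SSH", 943: "Admin UI"}
PUBLIC_PORTS = {443: "OpenVPN daemon / user page"}

def world_open(perm):
    """True if the rule admits any IPv4 or IPv6 source address."""
    cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
    cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
    return any(ipaddress.ip_network(c, strict=False).prefixlen == 0 for c in cidrs)

def covers(perm, port):
    """True if the rule's TCP port range includes `port` ("-1" means all traffic)."""
    if perm["IpProtocol"] == "-1":
        return True
    if perm["IpProtocol"] != "tcp":
        return False
    return perm.get("FromPort", 0) <= port <= perm.get("ToPort", 65535)

def audit(describe_output):
    """Return sorted findings for every group in describe-security-groups JSON."""
    findings = set()
    for group in describe_output["SecurityGroups"]:
        perms = group.get("IpPermissions", [])
        for port, name in ADMIN_PORTS.items():
            if any(covers(p, port) and world_open(p) for p in perms):
                findings.add(f"{group['GroupId']}: {name} ({port}/tcp) open to the internet")
        for port, name in PUBLIC_PORTS.items():
            if not any(covers(p, port) for p in perms):
                findings.add(f"{group['GroupId']}: {name} ({port}/tcp) not reachable")
    return sorted(findings)

# Constructed sample in the shape of `aws ec2 describe-security-groups` output.
SAMPLE = json.loads("""
{"SecurityGroups": [{"GroupId": "sg-EXAMPLE", "IpPermissions": [
  {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
  {"IpProtocol": "tcp", "FromPort": 943, "ToPort": 943, "IpRanges": [{"CidrIp": "203.0.113.7/32"}]},
  {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443, "IpRanges": [{"CidrIp": "0.0.0.0/0"}],
   "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}
]}]}
""")

if __name__ == "__main__":
    for line in audit(SAMPLE):
        print(line)
```

To audit a live instance, save the output of `aws ec2 describe-security-groups` to a file and pass the parsed JSON to `audit()`.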
Pros and Cons of Using OpenVPN Access Server
Pros
- Cost-Effective and Open Source: Leverages open source technology, reducing licensing costs and offering flexibility.
- Rapid Deployment: Can be quickly deployed on cloud infrastructures like AWS Free Tier, allowing for agile testing and iteration.
- Strong Security Features: Offers robust encryption, authentication, and data integrity features essential for secure communications.
- Scalability: Can scale to support additional users or integrate with more advanced networking solutions as needed.
Cons
- Complexity in Advanced Configurations: While initial deployment is straightforward, advanced network policies and custom configurations may require deeper expertise.
- Manual Intervention for Scalability: Scaling the solution for enterprise-level requirements might necessitate additional automation and orchestration efforts.
- Dependence on Cloud Provider: Reliance on AWS infrastructure introduces external dependencies that may impact overall control and cost management.
Importance of Secure Networking Fundamentals in Healthcare
Interoperability and Cyber-Resilience
- Healthcare Challenges: Healthcare environments often suffer from fragmented IT ecosystems - lack of interoperability increases vulnerabilities, exposes patient data, and hampers efficient service delivery.
- Secure Networking Fundamentals: Implementing robust, open-source network standards ensures that systems can securely interconnect across departments.
- Cyber-Resilience: Higher resilience against cyber threats, ensuring that critical services remain operational even under attack. This is the bottom line for any cyber service provider.
- Empowering IT Staff: Overburdened IT teams in healthcare settings can safely automate network operations, reducing downtime and improving service quality.
Conclusion: A Vision for the Future
The most important thing I can do today is to build and champion secure, interoperable network infrastructures that not only support cutting-edge technologies but also safeguard the lives and well-being of our most vulnerable populations.
In a world where AI is set to rapidly evolve and potentially surpass human intellect by 2030, ensuring that network security remains robust and adaptable is essential. Control over open-source network standards, SDN/NFV, and secure communication protocols is key to enabling agentic AI intelligence responsibly.
Through this project, I aim to demonstrate my proficiency, contribute to the cyber-resilience of healthcare IT systems, and support the overburdened IT staff at government hospitals—ultimately providing a lifeline for the sick, infirm, and elderly.
I would be grateful to any Organization that provides me the opportunity to further develop these critical skills and to help shape the next generation for a future where secure and interoperable network infrastructures empower both technology and humanity.
Be it Spanish or Linux, Language is never a barrier - it's a Protocol - one that must be followed religiously to Succeed Together!
If one has Dedication - one can do anything one sets out to Achieve.
Motivation
What Strategic Value do I bring?
Why me?
Why should you invest a part of your valuable time in me?
"Future-Proofing Networks"
I cannot stress this enough.
As of March 2025, and as an IT Protocol Engineer-Researcher (R1), AI continues to evolve and thrive. Organizations are churning data to fine-tune models as per their needs and compliances.
They are well-aware that AGI is incoming.
This AGI may soon surpass human decision-making in network management, hence establishing frameworks as secure and interoperable network foundation is paramount.
Zero Trust Networks is absolute.
I know you require people who understand Networks at fundamental Packet Layer level.
Not only at Protocols - the physics behind it too.
I wish to say to you -
Here Am I. Send me.
-x-