# Deploy your own OpenVPN Server on AWS

## Overview

<figure><img src="https://2684022488-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FOFDKnFMEMmJjoclGx9Hr%2Fuploads%2FnuRegtbTZhfWmd77cFcb%2Fimage.png?alt=media&#x26;token=213fc0ea-d36c-462a-9a93-70757c3dcca3" alt=""><figcaption></figcaption></figure>

Most of your AWS resources should be in private subnets for security reasons, but that also means they’re not directly accessible from the internet. To reach them securely, you need a VPN.

In this tutorial, we’ll use OpenVPN on AWS to create a secure, encrypted connection to your private resources so your team can access them safely.

## Problem

* AWS resources in private subnets aren’t accessible from the internet by default.
* Teams often try to solve this by opening ports or using bastion hosts, which increases security risks.
* These workarounds also add complexity to network management and access control.
* A VPN is needed to provide secure and simple access without exposing services publicly.

### Business Impact

Without a VPN, secure remote access is harder, slower, and more risky. A VPN simplifies access and keeps development and operations running securly.

**But what is a VPN?**

A **VPN (Virtual Private Network)** is a secure, encrypted connection that allows you to access a private network over the internet as if you were physically inside it. It’s commonly used to safely reach internal servers, databases, or applications without exposing them to the public.

## How Stakpak Helps?

It lets you selfhost OpenVPN with zero AWS and Open VPN experience you dont need to read docs or google commands

## Step-by-Step Guide

### Prerequisites

1. [install-stakpak](https://stakpak.gitbook.io/docs/get-started/install-stakpak "mention")
2. Cloud provider credentials configured
3. Then just ask it to i want to install openvpn on aws so i can access my private resources
4. Here you chose your preferences

<figure><img src="https://2684022488-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FOFDKnFMEMmJjoclGx9Hr%2Fuploads%2FW2cy5jD4roW105afva1K%2Fimage.png?alt=media&#x26;token=26ce0bc9-f362-423d-85d1-1271ad267224" alt=""><figcaption></figcaption></figure>

5. I want to know more about the different architectures, so let's ask about it

<figure><img src="https://2684022488-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FOFDKnFMEMmJjoclGx9Hr%2Fuploads%2FOoCnK4U7jWwqFNgPAUEk%2Fimage.png?alt=media&#x26;token=8512877d-4eeb-4a61-8dad-581f41381792" alt=""><figcaption></figcaption></figure>

6. Here I chose&#x20;
   1. Which AWS Region? EU West 1
   2. Do you have a VPC set ups? Yeah, i have a VPC
   3. How many people need VPN Access? Just one person needs access&#x20;
   4. AWS Client VPN or Self Hosted Open VPN or Open VPN from Market Place? Self Hosted Open VPN

<figure><img src="https://2684022488-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FOFDKnFMEMmJjoclGx9Hr%2Fuploads%2F3O1itU6hjQyGDjBoZiYp%2Fimage.png?alt=media&#x26;token=06db8d34-61a1-4b30-9e9d-08156a0637dc" alt=""><figcaption></figcaption></figure>

7. I will just tell it to continue with the defaults

<figure><img src="https://2684022488-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FOFDKnFMEMmJjoclGx9Hr%2Fuploads%2FFIqmpbxUnh0kH15pQzZd%2Fimage.png?alt=media&#x26;token=06088d8e-fe73-42bf-8344-8b5c479a487c" alt=""><figcaption></figcaption></figure>

8. Now we can review the commands and press Enter to continue it will be:
   1. Get the VPC details
   2. Get the subnet details
   3. Check the internet gateway
9. Now it will create a security group for open vpn and get the latest Ubuntu version

<figure><img src="https://2684022488-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FOFDKnFMEMmJjoclGx9Hr%2Fuploads%2FvNX1XAJ9OzRIWpqyuz0U%2Fimage.png?alt=media&#x26;token=b72091e0-10ed-4e1f-9d0d-187aa4385dd4" alt=""><figcaption></figcaption></figure>

10. Now it will create the security group rules, SSH key, and launch the ec2 instance

<figure><img src="https://2684022488-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FOFDKnFMEMmJjoclGx9Hr%2Fuploads%2FIRVkksF8RvClDDoWO9pU%2Fimage.png?alt=media&#x26;token=80b5da82-13f3-4afe-b999-5065a3b221cd" alt=""><figcaption></figcaption></figure>

11. Now that we have the EC2 ready, Stakpak will start setting up open VPN

<figure><img src="https://2684022488-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FOFDKnFMEMmJjoclGx9Hr%2Fuploads%2F6NeuYqm2TTnC7TaAVtz1%2Fimage.png?alt=media&#x26;token=c7cac226-21e2-4765-9b25-da570a7409e6" alt=""><figcaption></figcaption></figure>

12. That's it, now we can use OpenVPN

<figure><img src="https://2684022488-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FOFDKnFMEMmJjoclGx9Hr%2Fuploads%2F6p4zLuvnJ86NRdbjvmEa%2Fimage.png?alt=media&#x26;token=7da00cea-4a3a-4e70-8d18-2c142cd032e6" alt=""><figcaption></figcaption></figure>

## Extra Resources:

### References

* [install-stakpak](https://stakpak.gitbook.io/docs/get-started/install-stakpak "mention")
* [EC2 Documentation](https://docs.aws.amazon.com/ec2/)
* [Open VPN Documentation](https://openvpn.net/as-docs/general.html)