By Daniel Du
A few days back, I tried to set up a VPN server on AWS EC2 with the PPTP service, and I am writing down what I did in this post. PPTP stands for Point-to-Point Tunneling Protocol, which is a method for implementing virtual private networks; please refer to Wikipedia for more information about PPTP. PPTP is commonly used, and many clients, including mobile devices like iPhone/iPad and Android devices, support it for connecting to a VPN.
First, I log in to the AWS console and switch to the EC2 service to start an instance. To keep it simple, I use a Linux micro instance; it is good enough to run such a service, and it is included in the AWS Free Usage Tier for new AWS users.
It is pretty straightforward to launch a new instance by following the wizard. If you have used the EC2 service before, you have probably already created a key pair and downloaded the pem file. You can use the existing one if you have one, or create a new key pair. I will use my existing one:
The PPTP service uses TCP port 1723 by default, so please add this port to the security group:
If everything goes fine, you will have created a 32-bit Linux micro instance and launched it; after a few minutes, it will be running.
To make it convenient, I suggest assigning an Elastic IP to this instance, but please note that when you stop this instance, you should remember to release the Elastic IP as well; otherwise you will be charged as a punishment, because you are wasting limited IP address resources :)
The next step is to log in to the EC2 Linux instance and install the PPTP service. To log in remotely to a Linux instance on EC2 from a Windows machine, we can use an SSH client such as PuTTY. PuTTY does not natively support the private key format generated by Amazon EC2. Fortunately, PuTTY has a tool called PuTTYgen, which can convert keys to the required PuTTY format.
Once we are logged in to the EC2 instance with the key pair (as ec2-user), we can start to install the PPTP service. I am using a script from GitHub; run the following commands one by one in the SSH console:
sudo yum -y install rpm-build gcc make
sudo wget https://gist.github.com/raw/666241/e8f3030a9e7066b8deb0a3d9ec761360e2d94227/pptpd.sh
sudo sh pptpd.sh
The PPTP service will be installed automatically and a default VPN user will be created. To add new VPN users, we can edit the /etc/ppp/chap-secrets file with vim. The format is:
username pptpd mypassword *
The asterisk (*) means the VPN user can connect to this PPTP service from any IP address.
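As an added example (not part of the original post or of the install script), the shell function below audits a chap-secrets file in the format shown above: it checks that the file is not accessible to group or other, and flags short secrets and entries whose last field is the * wildcard. The 12-character minimum and the sample entries are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): audit a pppd chap-secrets file.
# Entry format, as in the post: "username pptpd mypassword *".
# Assumption: secrets contain no whitespace; quoted secrets with spaces are not handled.
MIN_SECRET_LEN=12   # assumed policy threshold, not from the post

# Prints one finding per line (never the secret itself).
# Returns 0 if clean, 1 if there are findings, 2 if the file is unreadable.
audit_chap_secrets() {
    file=$1
    [ -r "$file" ] || { echo "ERROR cannot read $file"; return 2; }

    # The file stores plaintext passwords, so group/other need no access (mode 600).
    # Characters 5-10 of the ls mode string are the group and other permission bits.
    perm_finding=""
    if [ "$(ls -ld -- "$file" | cut -c5-10)" != "------" ]; then
        perm_finding="PERMS file is accessible to group/other, expected mode 600"
    fi

    entry_findings=$(awk -v min="$MIN_SECRET_LEN" '
        /^[ \t]*#/ || /^[ \t]*$/ { next }            # comments and blank lines
        NF < 3 { print "MALFORMED line=" NR; next }  # needs client, server, secret
        {
            secret = $3
            sub(/^"/, "", secret); sub(/"$/, "", secret)   # drop optional quotes
            if (length(secret) < min)
                print "SHORT_SECRET user=" $1 " line=" NR
            if ($4 == "*")
                print "WILDCARD_ADDR user=" $1 " line=" NR
        }' "$file")

    findings=$(printf '%s\n%s\n' "$perm_finding" "$entry_findings" | sed '/^$/d')
    [ -z "$findings" ] && return 0
    printf '%s\n' "$findings"
    return 1
}

# Constructed sample input (not real credentials) so the example runs offline.
sample=$(mktemp)
chmod 600 "$sample"
cat > "$sample" <<'EOF'
# client  server  secret              address
alice     pptpd   "Xk4-pq9Lm2-Zr7Tw"  10.8.0.10
username  pptpd   mypassword          *
EOF
audit_chap_secrets "$sample" || true
rm -f "$sample"
```

On the server, run it as root against the real file with `audit_chap_secrets /etc/ppp/chap-secrets`.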
OK, that's it, quite simple. Now I can connect to my VPN server on EC2 from my iPhone and check the updates of my friends on Facebook. Of course, you may have other reasons to use it. Enjoy!