This project deploys an EC2 instance in your AWS account with VPN server and HTTP proxy installed. The EC2 instance could be deployed in any AWS region. You may use VPN to browse internet or to watch Netflix as in other region.
The CloudFormation template deploys an EC2 instance together with its required AWS infrastucture so that the EC2 instance does not mix up with existing infrastructure in your AWS account. This includes a new VPC, subnet, internet gateway, security group, IAM role and instance profile. User data of the EC2 instance installs and configures the HTTP proxy (squid) and VPN server (pptpd).
Note: You will deploy a t3a.micro
EC2 instance in your AWS account. This will incur some charges as it is beyond AWS Free Tier limit. You can choose another instance type.
-
Configure your AWS CLI credentials in a Linux or macOS environment. If you have a named profile, setting the
AWS_PROFILE
environment variable at the command line.export AWS_PROFILE=user1
-
Run a deployment script. There are several deployment scripts for different regions prepared for you as example.
Script Region AWS region code deploy.oregon.sh
Oregon, US us-west-2
deploy.tokyo.sh
Tokyo, Japan ap-northeast-1
deploy.london.sh
London, UK eu-west-2
-
After the script completes you will see the connection info like below in the screen.
Output: ProxyPort xxxx ProxyServer xxx.xxx.xxx.xxx VPNPassword xxxxxxxxxx VPNServer xxx.xxx.xxx.xxx VPNUser xxxxxxxx My IP without Proxy: yyy.yyy.yyy.yyy My IP with Proxy: xxx.xxx.xxx.xxx Server: xxx.xxx.xxx.xxx AMAZON-02 - England, United Kingdom Ping: 243ms
-
Then you can connect to your HTTP proxy and VPN server.
- HTTP Proxy
- Server: (refer to your output)
- Port: (refer to your output)
- No password
- VPN:
- Protocol: PPTP
- Encrpytion: MPPE
- Server: (refer to your output)
- HTTP Proxy
You can prepare your own deployment script with different configurations.
Specify AWS_PROFILE
if you configure your AWS CLI in a named profile. For example,
AWS_PROFILE=user1
Deploy EC2 instance in another region. See the AWS link for full list of region code and name.
For example, use this to deploy EC2 instance in Seoul, South Korea:
AWS_DEFAULT_REGION=ap-northeast-2
The StackName
refers to the stack name in CloudFormation template. You will also find it in the name of all deployed resources for identification.
StackName="Tunnel-Server"
The CIDR block ranges allowd to connect to the EC2 instance.
To allow your own public IP address only (by probing through https://ifconfig.co):
AllowedCIDR="$(curl https://ifconfig.co 2>/dev/null)/32"
To allow anyone (this is not safe!!!):
AllowedCIDR="0.0.0.0/0"
Default: t3a.micro
The instance type of the EC2 instance.
For example, deploy the EC2 instance of instance type t3.micro
.
InstanceType="t3.micro"
Port number for HTTP proxy
VPN username
VPN password
You can connect to your EC2 instance using SSM Session Manager. Go to the EC2 service in AWS console and find your EC2 instance. Click "Connect" -> "Session Manager" -> "Connect". You cannot connect to the EC2 instance through SSH for security purpose.
After you are done, remember to delete the CloudFormation stack in AWS management console. You can run the script list-all-ec2.sh
to list your EC2 instance in all AWS regions for double check.