Skip to content
A quick launcher for a OpenVPN Server on AWS EC2
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.
src/main Closes #6 Aug 12, 2018
LICENSE.txt Added license info Feb 16, 2017
pom.xml Updated all dependencies Oct 27, 2018


This tool starts a new AWS EC2 instance and configures a ready to use OpenVPN Server on it in just 2 minutes.


We don't use GitHub releases, and publish on Bintray instead. You can download the binaries here.

Initial config

  1. Setup your AWS Account if you don't have one already
  2. Go to EC2 and pick your desired region in the upper right corner. It is important to choose the right region as this will be the location shown to other websites while you use the VPN. If you want to appear to be in Germany, you need to select EU (Frankfurt). Likewise, you need to select EU (Ireland) to set your position to Ireland. **Please note: ** VPN is only available in the following regions:
  • US_EAST_1 (Virginia)
  • US_EAST_2 (Ohio)
  • US_WEST_1 (Northern California)
  • US_WEST_2 (Oregon)
  • CA_CENTRAL_1 (Canada)
  • EU_WEST_1 (Ireland)
  • EU_WEST_2 (London)
  • EU_CENTRAL_1 (Frankfurt)
  • AP_SOUTH_1 (Mumbai)
  • AP_SOUTHEAST_1 (Singapore)
  • AP_SOUTHEAST_2 (Sydney)
  • AP_NORTHEAST_1 (Tokyo)
  • AP_NORTHEAST_2 (Seoul)
  • SA_EAST_1 (Sao Paulo) (For nerds: This is because the AMI is only available in those regions)
  1. Note the code of the region you chose (e. g. AP_SOUTHEAST_2 for Sydney)
  2. Head over to the "Key Pairs"-section in the left menu and create a new Key Pair. Note the name of the Key Pair and download the corresponding pem file. This file is used to authenticate on the new instances so keep it in a safe place where it is unlikely that you will delete the file.
  3. Go to the IAM User service and create a new user.
  4. Give it a good name and allow "Programmatic access" and do not allow "AWS Management Console access" for more security.
  5. Select "Attach existing policies directly" on the permissions page and select "AmazonEC2FullAccess" (Don't worry, we only create and terminate EC2 instances and the required security group, nothing else, but this is the only permission set that we tested the script with. If you don't trust us, have a look at the source code.)
  6. Click "Review" and "Create user". A "Access Key ID" and a "Secret access key" will be shown to you. Note them both down.
  7. Now open up a terminal (on Windows, you hit Win+R and type cmd and then hit "Enter"). cd to the folder where you saved the downloaded file in.
  8. Run the following commands and replace the parameter values with yours:
java -jar awsVpnLauncher-1.4-jar-with-dependencies.jar config awsRegion <The code of the region you chose>
java -jar awsVpnLauncher-1.4-jar-with-dependencies.jar config awsKey <Your Access Key ID>
java -jar awsVpnLauncher-1.4-jar-with-dependencies.jar config awsSecret <Secret access Key>
java -jar awsVpnLauncher-1.4-jar-with-dependencies.jar config awsKeyPairName <The name of the key pair you created>
java -jar awsVpnLauncher-1.4-jar-with-dependencies.jar config privateKeyFile C:\path\to\the\private\keyFile.pem
java -jar awsVpnLauncher-1.4-jar-with-dependencies.jar config openvpnPassword <The password for the vpn server that you wish to use>

Note that all of your credentials and passwords will be stored on your hard drive in clear text. Nothing is sent to any server except to Amazon AWS.

Launch a new instance

  1. Open a terminal
  2. cd to the downloaded jar-file
  3. Run java -jar awsVpnLauncher-1.4-jar-with-dependencies.jar launch

Terminate all running instances

  1. Open a terminal
  2. cd to the downloaded jar-file
  3. Run java -jar awsVpnLauncher-1.4-jar-with-dependencies.jar terminate


The script itself is free and is provided under the Apache License v2.0. However, AWS will charge you for the required resources. The exact prices can be found here. We currently use t2.micro as the instance type but there are plans to make this configurable.

AWS will charge you for the traffic you push through the VPN, too. Detailed info about that can be found here.

The instance type t2.micro is free tier eligible. That means that the cpu of the instance will be free for one year. However, you will still be charged for the traffic.


Things get stuck while launching/configuring the VPN server

Just hit Ctrl+C to cancel the launch, run the terminate command and then the launch command again. If this does not work then, check if you are connected to the internet. If it still fails, create a new issue and post the console log in the issue. We will be pleased to help you.

You can’t perform that action at this time.