Building a personal VPN on the one-year free AWS EC2 tier

Author: Raymain1944
Link: https://www.zhihu.com/question/29217339/answer/71826802
Source: Zhihu
Copyright belongs to the author. For reprints, contact the author for permission.

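————————————————Updated 2016.9.11————————————————
Many Zhihu users have sent me private messages with all kinds of AWS questions, and the most common and most painful ones are about bills, so first of all I strongly recommend using a paid VPN here, for example the long-established GreenVPN (daily check-ins earn free usage time, so you can actually use it quite comfortably without paying). It works on every platform and has many stable lines with no traffic cap (there are too many fakes around, so here is the real official site: https://www.green-jsq.org/).
Building a VPN on an AWS EC2 instance is a neat trick because of AWS's 12-month free trial policy, but it really is using a sledgehammer to crack a nut. Besides, some users who need a VPN are not very comfortable with technical matters. Starting with version 10, iOS no longer supports insecure connection types such as PPTP, so please move to a paid VPN. I will no longer reply one by one to private messages about AWS, and I am not responsible for extra charges caused by improper use. Thank you for understanding.
————————————————Divider———————————————————
Here is a tutorial. It is completely foolproof and does not require fiddling with lots of configuration files. I recommend the Tokyo region. It uses an AWS template directly, and once it finishes you simply have one instance running. Remember to shut down your original instance...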
How to setup your own private, secure, free* VPN on the Amazon AWS Cloud in 10 minutes by Web Development
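————————————————Must-read if you have never used AWS————————————————
(1) Is there a traffic limit?
Yes, 15 GB per month. Once you are connected to the VPN, all data counts, whether over Wi-Fi or 4G, and if you exceed 15 GB in a month you will be charged in US dollars.
(2) Is it stable? Is the speed guaranteed? Does the node have to be in Tokyo?
As long as a certain wall does not idly go making big news, it is absolutely stable and the first choice for console gamers. YouTube basically plays without stuttering; it depends on your own bandwidth. The node does not have to be in Tokyo. Before you create the EC2 instance you can switch regions, the US or wherever, depending on your needs.
(3) I create it from someone else's template. Will they learn my VPN account and password and use up my traffic?
No. They only created a template and cannot know your VPN username and password... Please trust AWS... Even if someone did steal them, just contact customer service; AWS readily waives charges of several thousand dollars...
(4) What do I do when my free account is about to expire?!
Register a new AWS account with a different credit card...
(5) I am a student / I am XX and have no credit card. What do I do?
Any credit card will do; it does not need to be dual-currency. For example, China Merchants Bank's campus card is only a UnionPay card, but it supports real-time settlement of US dollar charges converted to RMB. That is the one I use, anyway.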


Original VPN setup article: https://www.webdigi.co.uk/blog/2015/how-to-setup-your-own-private-secure-free-vpn-on-the-amazon-aws-cloud-in-10-minutes/
(Too lazy to translate; anyone who needs a VPN presumably has little trouble reading English.)

How to setup your own private, secure, free* VPN on the Amazon AWS Cloud in 10 minutes

UPDATE: 15 November 2016, use L2TP over IPSEC instead of PPTP for added security, macOS Sierra support.
UPDATE: 19 September 2016, Added the new AWS Mumbai region also.

So, we all know the benefits of using a VPN like privacy, anonymity, unblocking websites, security, overcoming geographical restrictions and so on. However, it has always been hard to trust a VPN provider who could potentially log and intercept your internet traffic! Launching a private VPN server will give us the best of what a VPN truly offers. This guide will walk you through all the steps to running your own VPN server in about 10 minutes.


Advantages of a Private VPN Server

Simple: Non-techies should also be able to follow this guide easily.
Quick: 10 minutes is all it takes to follow this guide and create a private VPN server.
Private: Dedicated VPN server for your use only.
Secure: Encrypted & password enabled VPN server with no logs.
On demand: You can start / stop the VPN server as required.
Global: One or more VPN servers in 9 worldwide regions (including US, Tokyo, Singapore).
Device support: Supports PPTP and L2TP with IPSEC which means you can use the VPN server on your Android, iPhone, iPad, PC, MAC, and even most routers (to support Apple TV, Chromecast).
Open source: Review / contribute to this project https://github.com/webdigi/AWS-VPN-Server-Setup
Free: New Amazon AWS customers have a free tier server for the first year.

Creating your Private VPN Server

1. Setup a free Amazon (AWS) cloud account.
Visit http://aws.amazon.com/free/ and complete the signup. If you already have an Amazon AWS account then please login and follow on.

2. Select a region for your VPN server.
The VPN server can be in the following locations – North Virginia, Oregon, California, Ireland, Frankfurt, Singapore, Tokyo, Sydney, São Paulo. All your traffic will flow through the region in which your VPN server is hosted. The selected region will appear in bold next to your name on the top header bar.

[Screenshot: AWS-Region]

3. Open CloudFormation in the Amazon AWS control panel.
You can follow this link or click on the cloud formation link from the AWS page.

[Screenshot: Cloud-Formation]

4. Start creating a stack with CloudFormation. Click on “Create Stack” button on top of the page.

[Screenshot: CloudFormation-CreateStack]

5. Setting up the template for the stack
Enter a stack name, say MyVPN (use whatever you like). Then under Template, Source, select “Specify an Amazon S3 template URL”, paste in this URL https://s3.amazonaws.com/webdigi/VPN/Unified-Cloud-Formation.json and click Next.

[Screenshot: CloudFormation-SelectTemplate]

6. Setup VPN access details in the Specify Parameters page
Speed: Select Standard.VPN-Free and this should do for most use cases. We have also added faster server options if you ever require VPN with multiple simultaneous video streams and so on.
Username: VPN username for your VPN server.
VPNPassword: VPN password for your VPN server.
VPNPhrase: VPN passphrase for the L2TP – IPSEC connections on your VPN server.
[Screenshot: CloudFormation-SpecifyParameters]

7. You will then be taken to the Options section and you can click Next without having to fill anything on this page.

[Screenshot: CloudFormation-Options]

Finally, you will see a review page as in the screenshot below. Just click on Create and the VPN server will be created in a few minutes.
[Screenshot: CloudFormation-Review]

8. Monitoring the VPN server creation

You will see a page which shows that the status is Create in progress as below.

[Screenshot: CloudFormation-CreateInProgress]

Within about 2 minutes you should see that the stack create in progress is complete as below.

[Screenshot: CloudFormation-CreateComplete]

9. Obtain the private VPN server IP address

Once the stack status shows as CREATE_COMPLETE you can then click on the Outputs tab.

[Screenshot: CloudFormation-OutputsTab]

Now in the outputs tab you can see the server IP address as highlighted below.

[Screenshot: CloudFormation-Outputs]

Awesome, you should now have your private VPN server running at the IP address shown in the outputs tab. Please note that the IP address is unique to your server and you need it to connect your devices. Your VPN server is now ready, so let us connect to it.
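
Step 5 launches a template written by a third party and step 6 hands it your VPN credentials, so it is worth reading what the template declares before clicking Create. The added example below (not code from the original guide or the webdigi project) audits a parsed CloudFormation template for secret parameters that lack `NoEcho` and for ingress rules open to 0.0.0.0/0 beyond the ports PPTP and L2TP/IPsec use. The sample template, its resource name and the `audit_template` helper are constructed for illustration, and literal port numbers are assumed.

```python
import json

# Constructed sample for illustration; NOT the contents of the webdigi template.
SAMPLE_TEMPLATE = json.loads("""
{"Parameters": {
   "Username":    {"Type": "String"},
   "VPNPassword": {"Type": "String", "NoEcho": "true"},
   "VPNPhrase":   {"Type": "String"}},
 "Resources": {"VPNSecurityGroup": {
   "Type": "AWS::EC2::SecurityGroup",
   "Properties": {"SecurityGroupIngress": [
     {"IpProtocol": "tcp", "FromPort": 22,   "ToPort": 22,   "CidrIp": "0.0.0.0/0"},
     {"IpProtocol": "tcp", "FromPort": 1723, "ToPort": 1723, "CidrIp": "0.0.0.0/0"},
     {"IpProtocol": "udp", "FromPort": 500,  "ToPort": 500,  "CidrIp": "0.0.0.0/0"},
     {"IpProtocol": "udp", "FromPort": 4500, "ToPort": 4500, "CidrIp": "0.0.0.0/0"}]}}}}
""")

# Ports a PPTP / L2TP-over-IPsec server is commonly reachable on.
EXPECTED = {("tcp", 1723), ("udp", 500), ("udp", 4500), ("udp", 1701)}
SECRET_HINTS = ("password", "phrase", "secret", "key")  # heuristic name match

def audit_template(template):
    """Return a list of findings for a parsed CloudFormation template."""
    findings = []
    for name, spec in template.get("Parameters", {}).items():
        secret = any(hint in name.lower() for hint in SECRET_HINTS)
        if secret and str(spec.get("NoEcho", "false")).lower() != "true":
            findings.append(f"parameter {name}: secret without NoEcho")
    for rname, res in template.get("Resources", {}).items():
        if res.get("Type") != "AWS::EC2::SecurityGroup":
            continue
        for rule in res.get("Properties", {}).get("SecurityGroupIngress", []):
            if rule.get("CidrIp") != "0.0.0.0/0":
                continue  # only world-open rules are of interest here
            proto = str(rule.get("IpProtocol"))
            lo, hi = int(rule.get("FromPort", -1)), int(rule.get("ToPort", -1))
            if proto == "47":  # GRE, which carries PPTP tunnel data
                continue
            if lo != hi or (proto, lo) not in EXPECTED:
                findings.append(f"{rname}: {proto} {lo}-{hi} open to the internet")
    return findings

if __name__ == "__main__":
    for finding in audit_template(SAMPLE_TEMPLATE):
        print(finding)
```

To audit a real template, download the JSON from the URL in step 5, load it with `json.load`, and pass the result to `audit_template`; a parameter without `NoEcho` has its value displayed in the CloudFormation console and API responses.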

Connecting to your private VPN server

Each device has its own configuration to connect to a VPN server. We have added a how to for a few popular devices below. Please note that your private VPN server supports both PPTP and L2TP with IPSEC. This means that your VPN server supports most devices out there including older routers. You can connect to your VPN server with either PPTP or L2TP as supported by your device.

The parameters for your VPN connection are
Server Address: The IP address from step 9 and this is unique for your VPN server.
VPN Username & Password: From step 6 above. Same username & password for PPTP / L2TP VPN.
VPN Passphrase: You set this up in step 6 above and it only has to be used with an L2TP connection.

Examples below use PPTP but you can also find out how to setup L2TP with IPSEC on various websites.

1. Setting up VPN on an Android 5.0
[Screenshots: Android-VPN-Step1 to Android-VPN-Step5]

2. Setting up VPN on a MAC with the PPTP connection.
UPDATE Nov 2016: PPTP is not supported on macOS Sierra so follow point 3 using L2TP over IPSEC (below).

First open System Preferences, then Network and follow the screenshots below.
[Screenshots: MAC-VPN-Step1 to MAC-VPN-Step7]

3. Setting up VPN on a Mac with L2TP over IPSec
UPDATE Nov 2016: L2TP is recommended now. Follow instructions as in PPTP after you setup up to point 8 below.

[Screenshots: l2tp-1 to l2tp-3]

Follow other steps as outlined in the above section on PPTP to finish the setup.

4. Setting up VPN on Asus RT-AC68U router

[Screenshot: ASUS-RT-AC68U-VPN]

5. For all other devices please search for “Setting up PPTP VPN on my iPhone” and so on. You can also set up an L2TP IPSEC VPN, which is more secure but might not be supported on all devices.

Tips / Suggestions

1. If you want to delete your VPN server then just open CloudFormation on AWS. Make sure you select the same region in which you created your VPN server. Then just click on the Delete Stack button and your private VPN server will be removed.

[Screenshot: CloudFormation-DeleteStack]

2. You can have multiple VPN servers all over the world. You just have to repeat the setup steps in this guide by selecting different regions. Please note that AWS free tier gives you a total of 750 hours a month free. You can also delete and create VPN servers as frequently as you want.

3. Setting up a VPN connection on your router will allow all devices on its network to use the VPN server. This could be beneficial for use with AppleTV / Chromecast and any device that does not support a VPN.

4. You can test if your VPN connection is active by just searching for “what is my ip address” on your favourite search engine. The IP address reported will be that of your private VPN server if your connection is enabled. If your VPN connection is not enabled or if the VPN server settings are not complete then it will report your ISP’s IP address.

5. We love your feedback and let us know if you face any issues in the comments section below or on our github page for setting up your private VPN on AWS.
