
How to Create Your Own WireGuard VPN on AWS EC2 with Tailscale
First, let's discuss WireGuard and Tailscale. At its most basic, WireGuard is a communication protocol for encrypted packet transfer over UDP. Jason A. Donenfeld developed it as an open-source project. It is not a complete VPN service on its own. Tailscale uses this protocol to provide users with a communication line between clients over WireGuard, which is much faster and more private than older methods. That covers the general background. Now let's see how to set up your own super-fast VPN on AWS.
How to Create an EC2 Instance for VPN Purposes
- Go to the EC2 Launch dashboard.
- Click the Launch instances button and select the Ubuntu 20.04 image.
- RAM and storage amounts don't matter because we only need bandwidth, so you can select a low-spec or free-tier machine in the next step.
- You can leave everything at its default, but in Step 6, set the source of the SSH port to Anywhere for the SSH connection. Note that this exposes port 22 to the whole internet.
- Launch the machine.
How to Create a Public IP with Elastic IPs for EC2
- Go to the EC2 dashboard. You will see Elastic IPs in the left panel.
- Click the Allocate Elastic IP Address button.
- On the screen that opens, associate the IP address with the instance you just created.
Create a Tailscale Account
Before continuing, create a Tailscale account and download the client to your computer.
How to Set Up Tailscale on EC2
First, connect to the EC2 instance via SSH. Then follow these steps:
- sudo apt update
- sudo apt upgrade
- curl -fsSL https://pkgs.tailscale.com/stable/ubuntu/focal.gpg | sudo apt-key add -
- curl -fsSL https://pkgs.tailscale.com/stable/ubuntu/focal.list | sudo tee /etc/apt/sources.list.d/tailscale.list
- sudo apt update
- sudo apt install tailscale
- sudo tailscale up
- Log in to Tailscale via the URL printed in the console.
Set Up the EC2 Instance as an Exit Node
- sudo tailscale down
- sudo vim /etc/sysctl.conf: find the #net.ipv4.ip_forward=1 and #net.ipv6.conf.all.forwarding=1 lines and uncomment them.
- sudo sysctl -p
- sudo tailscale up --advertise-exit-node
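The manual sysctl.conf edit above can also be scripted so it is repeatable and does not touch similarly named keys. This is an added example, not part of the original article; the function names (enable_forwarding, forwarding_configured, make_sample, demo) and the sample file contents are constructed for illustration.

```shell
#!/bin/sh
# Added example: scripted form of the manual sysctl.conf edit.
KEYS="net.ipv4.ip_forward net.ipv6.conf.all.forwarding"

# enable_forwarding FILE: uncomment each forwarding key (or append it if
# absent) and force its value to 1. Safe to run more than once.
enable_forwarding() {
    conf=$1
    tmp=$(mktemp) || return 1
    for key in $KEYS; do
        esc=$(printf '%s' "$key" | sed 's/\./\\./g')   # escape dots for the regex
        sed -E "s|^[[:space:]]*#?[[:space:]]*${esc}[[:space:]]*=.*|${key}=1|" \
            "$conf" > "$tmp" || { rm -f "$tmp"; return 1; }
        cat "$tmp" > "$conf"          # rewrite in place, keeping owner and mode
        grep -Fqx "${key}=1" "$conf" || printf '%s=1\n' "$key" >> "$conf"
    done
    rm -f "$tmp"
}

# forwarding_configured FILE: succeed only if both keys are active with value 1.
forwarding_configured() {
    for key in $KEYS; do
        grep -Fqx "${key}=1" "$1" || return 1
    done
}

# Constructed sample resembling the stock Ubuntu file (not a real capture).
make_sample() {
    cat > "$1" <<'EOF'
# Uncomment the next line to enable packet forwarding for IPv4
#net.ipv4.ip_forward=1
net.ipv4.ip_forward_use_pmtu=0
EOF
}

# Run the edit on the sample and print the resulting file.
demo() {
    f=$(mktemp) && make_sample "$f" && enable_forwarding "$f" && cat "$f"
    rm -f "$f"
}
demo
# On the instance itself (as root), after sourcing these functions:
#   enable_forwarding /etc/sysctl.conf && sysctl -p \
#     && tailscale up --advertise-exit-node
```
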
Finally, go to the Tailscale dashboard and find your machine. Click the three dots to its right and select Edit route settings. Turn on Use as exit node at the bottom.
That is all! You now have a private VPN running on the WireGuard protocol. Right-click the client you downloaded to your computer and select your server under Exit node. As soon as you select it, your VPN service is active.