Step 0 : Preparation

Let's begin with :

Create/have an account available on AWS

...as explained there... 👆 ...and create your first admin user like this !

Check that you know/learn :

how to open a command line with your version of Windows
how to show file extensions in Windows Explorer
how to set your Windows connections to "private" or "public"

Also useful :

how to create shortcuts in Windows
how to pin shortcuts to the Windows Taskbar

It may also be a good idea to know/learn how to show hidden/system files in Windows Explorer as well...

...and remember you'll end up needing a proper text editor at some point !

Prepare a "safe" place on your own machine.

Create that on another drive than your system C: drive if you can, mandatorily in a place where you have Read+Write permissions...and of course NOT in a "recovery" drive/partition.

We'll create an empty folder to store your whole thing, then empty sub-folders in it to store different types of files by category.

It is always easier to have multiple sub-folders that you can independently rename/move/copy/zip/etc..., rather than a messy bunch of "more or less" related files in a single folder !

I suggest an organization like this one (in this example i prepared sub-folders for 2 GMs = VPN "clients") :

In the T: drive, I created the fg-ovpn root folder, with :

docs for docs & infos you may download in case you need to look them up years later...
⚠️ MY-FG-OVPN for our own FG OpenVPN setup ⚠️
new-PKI for a blank PKI installation, ready to be duplicated to initialize a PKI from scratch
source-install for downloaded installation packages

We also have a separate Tests folder for tests and messing around with temporary things.

Choose a simple "configuration name" for your setup, and try to use it to prefix/idenfity all related things.

This "configuration name" is VERY important : it will be used by configuration scripts; many of the files you will create later on MUST start with it as a prefix, so : better get used to it !

Read this again ! 👆

In this sample setup we use "my-fg-ovpn" for our configuration name...

Got it ? 👆

...and we create the MY-FG-OVPN folder (in capitals to remember it must be kept safe) to store our own FG OpenVPN setup, with these sub-dirs:

my-fg-ovpn-clients will store the complete set of parameter/security files needed for each VPN client (with a sub-folder for each), ready to be zipped/copied/emailed
my-fg-ovpn-s3 will store the source files we'll transfer to the AWS S3 bucket for server auto-initialization
my-fg-ovpn-server could store files you may want to copy from your OpenVPN server (logs,...)
MY-FG-OVPN-PKI will be the "safe" storage for our entire PKI, ready to use at any time if we need to create additional certificates or revoke an existing certificate.

I suggest you ONLY use CAPITAL letters on your local Windows machine, to be reminded of the folders you NEED TO KEEP SAFE, and use lowercase for all folder and file names you will transfer to AWS and the server.

Your OpenVPN server will be Linux-based, which implies case-sensitive !

CAPITAL LETTERS = YOUR MOST PRECIOUS LOCAL FOLDERS.

PreviousSetup process overview NextStep 1 : OpenVPN + Easy-RSA & "new-PKI"

Last updated 3 years ago