OpenVPN on AWS for China: Setup Guide | Marvelmind


📅 2023-08-29


For more information, please contact: info@marvelmind.com

Video Overview & Technical Details

Marvelmind shares how their team solved critical connectivity challenges while operating production facilities in China. When standard VPNs like ExpressVPN became blocked, they implemented a private OpenVPN solution on AWS. This video demonstrates step-by-step configuration on Amazon Web Services, including region selection (Singapore proved more reliable than Hong Kong), instance setup, and client connection procedures to maintain business continuity for Google services, email, and communication tools.

Transcript


0:01 Hello colleagues. Today we will be talking not about Marvelmind products, but a bit about Marvelmind operations. So we do produce everything in Shenzhen, China, but the problem is that all our services—Google-related services like YouTube, Gmail, and many other services—are not available in China. And we need VPN, but even VPN like typical Express VPN that we are using, for example, is also blocked. So our attempt is to use OpenVPN, our private OpenVPN so that VPN service servers wouldn't be blocked. Our first attempt was to use a Wi-Fi router and run OpenVPN. It's possible, but it looks like it's a bit more complex. And the second—

1:00 Second idea was to use Amazon Web Services. We already have our server marine.com server running on Amazon Web Services, so it was pretty natural. Of course, we browsed. My colleague checked and it looked like a viable solution and relatively easy to do. Relatively easy means not easy. So now we are showing the steps which are required in order to run VPN on Amazon servers. So what to do? Now, first of all, you go to Amazon's catalog. So you go there and type OpenVPN. Press enter. Oh, sorry. Even before that, it's very important to remember that different regions are not the same. So—

1:57 For example, if you run Hong Kong, there will be difficulty to connect to your instances because of whatever peculiarities of Amazon. So since we wanted to have something very close to Shenzhen, where our production is, of course naturally was to use Hong Kong. But it turned out to be problematic. So the next options would be Singapore and Seoul. Both worked pretty fine because connectivity is fast and Amazon Web Services, or at least OpenVPN, works good from those locations. And it didn't go very well in Hong Kong. So this is the problem with Hong Kong—it's very difficult to connect using SSH client. So more complex with Hong Kong and easier with Singapore. So this is why—okay, where we are—okay, here. So then you see it's not found here. So you—

2:56 Go to this. This is your choice. Open the parent access server. Okay, it's only for me, so one access is enough, or they give two, three, or whatever accesses there. Then there's another trick. That by default, they try to give you their small server. Okay, we wanted just a basic Nano because it's cheaper. This is also reasonable price, but still, this is even less expensive. So you choose this, and then you have this button: launch instance from. And you do launch it. And then, of course, you choose where we are—Singapore. Singapore. VPN version 0.2 because we already have one. Then again, this is a nice trick from Amazon. Then once again, choose this. Maybe this is a good option, but okay, we wanted something least expensive. Then, of course, the key. So you need to—

3:56 Have the key. We do have already some keys, but you don't. So you just make another key. Singapore, for example, key two. Um, create it. Quick again, it's very easy when you know. Okay, you save it. Now you can launch the instance. Check again. So Nano—he is there. Launch the instance. So this is the process. It takes a few seconds, and this is the key point which is problematic in Hong Kong and works well in Singapore, in North Virginia, in Seoul, in those regions where we try it—

4:55 But it didn't work in Hong Kong. And it was one of so this easiness to connect—you see it's available in Singapore. Let's close it. And for some reason, doesn't available in Hong Kong. Whatever—we double-checked. Maybe we do something wrong, but it looks like it's simply the difference between different regions, which is weird. Never is the case. So, of course, if you are very familiar with Go, there I'm not. And so this is much easier for me. And then press connect. This is the magic happening right now. Okay, so this is the key for everything. And we struggled in some other places, but this works smoothly when you run it for the first time. Okay, so this is the key part because if you run it for the second time, it doesn't show. And if you lost or forgot something, then there's a problem. So you need to select this and—

5:54 Then type yes. Basically, agree—whatever they ask us to agree to. Primary: yes. Okay, all interfaces: yes. Again, we are not up to their super-duper security. It's just to have a basic connectivity, like, normally. So yes. Okay, also maximum compatibility. We are not after something secure; we are after just to have connectivity. Again, maximum compatibility. Also fine. These are the ports. Again, just to recall—nothing particular, but also something default. And this needs to be changed. So it means that I won't always to be connected over VPN because again that's the whole point—to have connectivity from—

6:51 China as well. Okay, I don't care. So yes. So this is your name, which will be used to access. Okay, password. Okay, typing password. Enter. Just repeating the password. Enter. Nothing about activation key. Have no idea what that is. And this is their—the best part of all. So now it's possible to connect. So I copy-pasted this and I—

7:55 Just, for example, run it. Okay, I have to accept the risk. Now we are using that OpenVPN as they asked, and the password we just created. Okay, I guess I mistyped. One more time. Agreement. So two VPN connections are allowed. I guess more than enough for me. That's basically it. Okay, just to double-check that the—

8:54 Connection is there. So in VPN settings, that it's yes and yes. So the traffic is yes, and our case is yes. So we can return back to whatever instances. Okay, so this is the thing. And now we connect to the client. So once again, this. And, of course, by the way, we have been all the time VPN, so connected with our previous one. But we create the new one and create profile. Again, some risky thing to be accepted. Pay attention to this. So it's now different OpenVPN—

9:54 OpenVPN again. Password. And connect failed. Okay, maybe I don't remember. Hard. Already one more time. That's it. Everything works. To make life easier and not to type the password again and again, you need to switch this off, go to save the password, and type the password one more time. And not at proxy, but this is safe. I don't know why they made it like this.

10:53 And so these are all the soul pass—profile Singapore. And this is newly created. And let's now check what's my IP. Okay, looks like we are in Singapore. Shall we be in Singapore? I already forgot. Did we do it in Singapore? Okay, we did it in Singapore. Very good. So yes, we are now in Singapore. We can check and change and try our Seoul and see where we jump back to Seoul. Let's try. Not the fastest—

11:58 Thing. And the Oscar goes to—so we are still in—we are still in—where? Okay, now we are finally in Seoul. Okay, it works. That was the steps. Hopefully you liked it. If any questions, please do ask us. We are ready to help while we still remember. But hopefully it will work in China as well because we have not tested yet in China. Thank you very much.

Key Takeaways

  • Commercial VPN services like ExpressVPN are consistently blocked in China; private OpenVPN solutions on AWS provide more reliable access to business tools
  • AWS region selection critically impacts OpenVPN connectivity—Singapore and Seoul perform better than Hong Kong for China-based operations
  • Nano EC2 instances provide sufficient performance for OpenVPN at significantly lower cost than default instance sizes
  • Initial OpenVPN configuration interface is the critical step; connection parameters and authentication setup determine overall success
  • Two simultaneous connections are adequate for small teams; verify your connection region after each VPN profile switch
  • Private OpenVPN infrastructure requires more management than commercial VPN but reduces blocking vulnerability for mission-critical business continuity

👥 Relevant For: Engineers & System Designers

Manufacturing and logistics companies operating production facilities in China who need reliable access to cloud services, email, and communication platforms. This guide solves the critical problem of service blocking and connectivity disruption that hampers daily business operations when standard VPN solutions fail.

FAQ

Q: Why did Hong Kong AWS region fail while Singapore worked for OpenVPN connections?
Regional connectivity differences exist with AWS OpenVPN implementations. Hong Kong experienced consistent connection failures despite multiple configuration attempts, while Singapore and Seoul provided stable, fast connectivity. This appears to be infrastructure-specific rather than configuration-related, requiring regional testing to identify optimal deployment zones.

Q: Should I use the standard or nano AWS instance size for OpenVPN hosting?
Nano instances are sufficient and cost-effective for OpenVPN access servers, especially for small teams. AWS defaults to larger instances, but downgrading to nano reduces expenses significantly while maintaining reliable performance for typical business connectivity needs.

Q: What are the security implications of a private OpenVPN solution versus commercial VPN services?
Private OpenVPN on AWS reduces blockage risk since it uses your dedicated infrastructure rather than known VPN provider endpoints that China actively blocks. However, it requires ongoing server maintenance and monitoring. This approach prioritizes connectivity reliability over enterprise-grade security features.

Q: How many simultaneous VPN connections does the OpenVPN access server allow?
The default configuration allows two simultaneous VPN connections per instance, which accommodates small teams. Additional connections require license modifications or multiple instances for larger organizations.

Q: Can I use this OpenVPN setup for accessing tools beyond Google services and email?
Yes. The OpenVPN solution provides general internet access from China once properly configured. It works for WhatsApp, YouTube, Gmail, Google Drive, and other blocked services. Configuration options allow bypassing the VPN for specific traffic if needed.

Technical Background & System Details

Operating manufacturing operations in China presents unique connectivity challenges. Standard VPN services like ExpressVPN cannot reliably access essential business tools including YouTube, Gmail, Google Drive, and WhatsApp. Marvelmind's operations team developed a private OpenVPN solution hosted on Amazon Web Services to overcome persistent blocking issues. This technical walkthrough demonstrates the complete setup process: selecting optimal AWS regions (Singapore and Seoul performed better than Hong Kong), launching OpenVPN access server instances, configuring security parameters, and establishing client connections. Key insights include choosing nano instances for cost efficiency, understanding region-specific connectivity variations, and properly configuring connection parameters. The solution enables multiple simultaneous VPN connections while maintaining compatibility with existing infrastructure. This approach provides businesses with a private, less-blockable alternative to commercial VPN services, ensuring reliable access to critical Google services and communication platforms essential for international manufacturing coordination.
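Because the walkthrough accepts the setup defaults and the FAQ notes that a private server needs ongoing monitoring, the following added example (not code from the video or from Marvelmind) checks an instance's security groups for management ports left open to the whole internet. It assumes the OpenVPN Access Server default ports are unchanged (SSH on TCP 22, Admin Web UI on TCP 943); the group IDs and addresses in the sample are constructed.

```python
import ipaddress

# OpenVPN Access Server default ports; assumed unchanged, since the setup
# wizard defaults were accepted in the walkthrough.
MGMT_PORTS = {("tcp", 22): "SSH", ("tcp", 943): "Admin Web UI"}

# Constructed sample, shaped like `aws ec2 describe-security-groups` JSON output.
SAMPLE = {"SecurityGroups": [
    {"GroupId": "sg-constructed-open", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
        {"IpProtocol": "tcp", "FromPort": 943, "ToPort": 943,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
        {"IpProtocol": "udp", "FromPort": 1194, "ToPort": 1194,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
    {"GroupId": "sg-constructed-tight", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "203.0.113.10/32"}]},
        {"IpProtocol": "tcp", "FromPort": 943, "ToPort": 943,
         "IpRanges": [{"CidrIp": "203.0.113.10/32"}]}]},
]}

def is_world(cidr):
    """True for 0.0.0.0/0 and ::/0 (any prefix of length zero)."""
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0

def covers(rule, proto, port):
    """Does this ingress rule admit proto/port? "-1" means all traffic."""
    if rule["IpProtocol"] == "-1":
        return True
    return (rule["IpProtocol"] == proto
            and rule.get("FromPort", 0) <= port <= rule.get("ToPort", 65535))

def audit(doc):
    """Return (group id, service, port, cidr) for each world-open management port."""
    findings = []
    for sg in doc["SecurityGroups"]:
        for rule in sg.get("IpPermissions", []):
            cidrs = [r["CidrIp"] for r in rule.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in rule.get("Ipv6Ranges", [])]
            world = [c for c in cidrs if is_world(c)]
            for (proto, port), name in MGMT_PORTS.items():
                if world and covers(rule, proto, port):
                    findings.append((sg["GroupId"], name, port, world[0]))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print("world-open management port:", *finding)
```

To check a real deployment, pass `audit()` the parsed JSON from `aws ec2 describe-security-groups` instead of `SAMPLE`; the VPN tunnel port (UDP 1194) is expected to stay publicly reachable and is not flagged.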
