vpn_ondemand is a utility that allows you to spin up an openVPN instance in any AWS region and connect to it in a few minutes.

It's especially useful if you're a TV show/Movie fan (or live with one) and want to check out Netlix/Amazon Prime catalogs from other countries. Also comes in handy for bypassing those annoying geo-gating rules some websites like to use.

VPNs run on AWS Linux containers so you only pay for what you use and are more private than third party services.

vpn_ondemand has been tested on Mac and Linux but it should work on Windows as well, there's nothing OS specific

Before you begin, ensure you have met the following requirements:

• Python3. You may want to use a Virtual Environment
• Install Docker and configure it. Instructions
• Sign up for AWS and create an IAM user following these instructions.
• Install aws-cli and configure it with your IAM access credentials. Instructions
• Install boto3. Instructions

Clone the Github repository:

git clone https://github.com/adityawasudeo/vpn_ondemand.git

Generate vpn keys:

cd vpn_ondemand/keys/
./generate_keys.sh

Build the docker image

cd ../vpn/
docker-compose up

Create an AWS ECR repository by following the instructions here. Note down the repository name which you create and the region you created it in. You will push the docker image to this repository and use it to spin up containers in the regions you want a VPN

Tag your docker image with the repository you just created and push it

aws ecr get-login-password --region <region name where your repository lives> | docker login --username AWS --password-stdin <your
repository name>
docker tag vpn_vpn:latest <your repository name>
docker push <your repository name>

Almost done! Now use the helper script to spin up your VPN container in any region you want. The list of available AWS regions is here

Every region has a code. For example Mumbai is ap-south-1, Tokyo is ap-northeast-1. Identify the code of the region where you want a VPN.

SUPPORTED_REGIONS = [
            'us-west-1',
            'us-west-2',
            'us-east-2',
            'us-east-1',
            'af-south-1',
            'ap-east-1',
            'ap-northeast-1',
            'ap-northeast-2',
            'ap-south-1',
            'ap-southeast-1',
            'ap-southeast-2',
            'ca-central-1',
            'eu-central-1',
            'eu-north-1',
            'eu-west-1',
            'eu-west-2',
            'eu-south-1',
            'eu-west-3',
            'me-south-1',
            'sa-east-1',
            'cn-north-1',
            'cn-northwest-1',
           ]

cd ../aws/
python3 initialize_ecs.py <repository name> <region code> 

The script will spin up your containers and generate a config file and vpn keys in the client_keys/ directory.

To stop the VPN

python3 initialize_ecs.py <region code> stop

Import the config and keys in the client_keys/ directory into any VPN client. I have tested with with Tunnelblick on Mac and OpenVPN on Android.

• Web frontend to make spinning up spinning down VPNs easy
• Multi-user support

@adityawasudeo on Twitter

This project uses the following license: BSD 2-Clause License.