How to setup a Fixed IP address in AWS

Apr 22, 2022

Steps below outline how to create a proxy server using TinyProxy with a fixed IP address on a port of 9898.

Intro

This guide illustrates how to setup TinyProxy on a AWS EC2 Instance, which is useful for having a fixed IP address if needed to proxy though say AWS lambda apps.

Create an EC2 Instance

  1. Go to on to the EC2 area within AWS Console.

  2. Click on "Launch Instances" button.

  3. Choosing a AMI. Select a Ubuntu Image. E.g. "Ubuntu Server 20.04 LTS (HVM), SSD Volume Type". 64-bit (x86)

  4. Instance type - t2.micro, then click "Next" and leave all defaults till you reach "Configure Security Group".

  5. Security Group

  • In this section, we will setup port access and opening a port for the proxy server which will be 9898.

  • Create a "Create a new security group".

  • In the "Security group name:" enter a name such as "Proxy server security group".

  • Add the following Inbound rules. Notice that the last "Custom TCP" is a custom port of 9898 which will be the port number for TinyProxy.

    Type Protocol Port range Source
    SSH TCP 22 0.0.0.0/0, ::/0
    HTTPS TCP 443 0.0.0.0/0, ::/0
    HTTP TCP 80 0.0.0.0/0, ::/0
    Custom TCP TCP 9898 0.0.0.0/0, ::/0
  1. Click on "Launch"

  2. On the "Select and existing key pair or create a new key pair" dialog option.

  • Select "Create a new key pair".
  • Leave "RSA" key pair type.
  • Give the key pair a memorable name e.g. "proxy-server-key-pair"
  • Click on "Download Key Pair".
  1. Click on "Launch Instances".

Allocate a Fixed IP address

Now that an EC2 Instance is ready, we need to allocate a fixed IP address.

The AWS articles below outline how to do this.

  1. Allocate an Elastic IP address
  2. Associate the Elastic IP address

Connecting to EC2 Instance

Now we need to connect to the EC2 Instance we just created.

  1. Click on the EC2 Instance that was created in the AWS Console.

  2. Click on "Connect".

  3. On the "SSH client" tab.
    a) Follow the steps provided by AWS to see if you can connect via SSH.
    b) If the step above using the command ssh -i "proxy-server-key-pair.pem" [email protected] does not work.

    • Make a note of the username. In this example its ubuntu.
    • Open your .ssh config in your choice of editor. This is usually located in ~/.ssh/config.
    • Add the following host in your .ssh config file. Be sure to change the location of the IdentityFile to where you have saved the key pair.
      # EC2 (eu-west-1) Ubuntu
      Host ec2-52-152-262-58.eu-west-1.compute.amazonaws.com
      User ubuntu
      IdentityFile C:\aws\proxy-server-key-pair.pem
      IdentitiesOnly yes
      
  4. Connect via SSH

Launch a terminal and connect to the EC instance.

ssh ec2-52-152-262-58.eu-west-1.compute.amazonaws.com

Installing TinyProxy

Once connected to EC2, we need to run and update apt-get before we install TinyProxy.

  1. Update and load package information apt-get

    sudo apt-get update
    
  2. Install TinyProxy

    sudo apt-get install tinyproxy
    

Configuring TinyProxy

  1. Edit the tinyproxy.conf

    sudo nano /etc/tinyproxy/tinyproxy.conf
    
  2. Ensure the following configs have been set as shown below

    User tinyproxy
    Group tinyproxy
    
    Port 9898
    
    Allow 127.0.0.1
    
    # Custom Allow
    Allow 0.0.0.0/0
    
    ConnectPort 443
    ConnectPort 563
    ConnectPort 80
    ConnectPort 9898
    
    
  3. Restart the service

    sudo /etc/init.d/tinyproxy restart
    

Verify TinyProxy service is running

service --status-all

Sample output of services running

[email protected]:~$ service --status-all
 [ + ]  acpid
 [ + ]  apparmor
 [ + ]  apport
 [ + ]  atd
 [ - ]  console-setup.sh
 [ + ]  cron
 [ - ]  cryptdisks
 [ - ]  cryptdisks-early
 [ + ]  dbus
 [ - ]  grub-common
 [ - ]  hibagent
 [ - ]  hwclock.sh
 [ - ]  irqbalance
 [ - ]  iscsid
 [ - ]  keyboard-setup.sh
 [ + ]  kmod
 [ - ]  lvm2
 [ - ]  lvm2-lvmpolld
 [ + ]  multipath-tools
 [ - ]  open-iscsi
 [ - ]  open-vm-tools
 [ - ]  plymouth
 [ - ]  plymouth-log
 [ + ]  procps
 [ - ]  rsync
 [ + ]  rsyslog
 [ - ]  screen-cleanup
 [ + ]  ssh
 [ + ]  tinyproxy  <------------------------- tiny proxy is up and running
 [ + ]  udev
 [ + ]  ufw
 [ + ]  unattended-upgrades
 [ - ]  uuidd

Diagnosing TinyProxy logs

  • Checking logs:
    /var/log/tinyproxy/tinyproxy.log
    sudo tail -n100 /var/log/tinyproxy/tinyproxy.log
  • Starting the service: sudo /etc/init.d/tinyproxy start
  • Restarting the service: sudo /etc/init.d/tinyproxy restart

Verify things are working

  1. Run a curl command within EC2

    curl --proxy localhost:9898 https://httpbin.org/ip
    

You should get the same public ip address of the elastic ip.

  1. Run a curl command from your local machine

    curl --proxy <elastic-ip>:9898 https://httpbin.org/ip
    

    You should get the same public ip address of the elastic ip.

Setup a Cron job

Finally, it has been advised to setup a cron job to restart TinyProxy to avoid memory leaks.

As the sudo command is needed in order to restart TinyProxy, we need to update the root Cron tab.

  1. Edit crontab with sudo

    sudo crontab -e
    
  2. Enter a cron schedule

    0 2 * * * /etc/init.d/tinyproxy restart
    
  3. Verify the cron has been added

    sudo crontab -l
    

References: