Overview
PPTP/L2TP-IPSec-PSK VPN Routing Server with User Management Web Panel. This VPN server allows multiple computers to see each other when they are connected to this server. Additionally, it can provide secure internet access for client computers through VPN, and the option for such internet access is controlled on the client side (e.g., using the 'Use the default gateway on the remote network' checkbox on Windows). The server supports standard protocols PPTP and L2TP/IPSec-PSK, which are natively supported by Windows, Android, Linux, and iOS without requiring third-party software on the client side.
High server efficiency enables its usage even on low-performance machines, potentially reducing costs. User access to the VPN server is controlled through the web panel or remotely via MySQL (port: 3306).
Areas of use:
- This VPN server can be utilized to facilitate remote work for employees by creating a virtual network through VPN tunnels, connecting computers located in different locations.
- The VPN server enables networking of remote computers, even if they do not belong to a domain or have different workgroup names. This can be beneficial for small businesses and home computers that lack their own domain name server.
- Furthermore, it can provide secure internet access for client computers through VPN. The option to enable or disable such internet access is available on the client side.
Key features of the VPN routing server:
- Easy to use, the VPN server is fully operational immediately after launching without requiring any server setup.
- High performance, allowing for usage on low-performance machines, potentially reducing costs.
- The server can reserve an IP address for each user in the virtual network, which remains consistent each time the user connects to the VPN server.
- There is no limitation on the number of VPN users. The default configuration includes a pool of 250 reserved static IP addresses for VPN users, which can be extended.
- Supports standard PPTP and L2TP/IPSec-PSK connection protocols, compatible with Windows, Android, Linux, and iOS without the need for additional third-party software on the client side.
- User management web panel enables the addition, deletion, or modification of user records. It also provides information on currently connected users. Remote user management via MySQL (port: 3306) is supported.
- Ensures a high level of security with strong encryption algorithms safeguarding VPN communication.
Highlights
- This VPN Server is easy-to-use. After launching, the VPN Server is immediately fully operational. No server setup required. The maximum number of VPN users is not limited.
- VPN Server supports standard protocols PPTP and L2TP-IPSec-PSK. The unique feature of this VPN Server is the ability to reserve the IP address for each user in the virtual network, which will be used every time the user connects to the VPN server.
- High server efficiency of this VPN server allows using it even on low-performance machines, that may reduce the costs.
Details
Typical total price
$0.072/hour
Pricing
Free trial
Instance type | Product cost/hour | EC2 cost/hour | Total/hour |
|---|---|---|---|
t2.nano | $0.063 | $0.006 | $0.069 |
t2.micro AWS Free Tier | $0.063 | $0.012 | $0.075 |
t2.small | $0.063 | $0.023 | $0.086 |
t2.medium | $0.063 | $0.046 | $0.109 |
t2.large | $0.063 | $0.093 | $0.156 |
t2.xlarge | $0.063 | $0.186 | $0.249 |
t2.2xlarge | $0.063 | $0.371 | $0.434 |
t3.nano | $0.063 | $0.005 | $0.068 |
t3.micro AWS Free Tier | $0.063 | $0.01 | $0.073 |
t3.small | $0.063 | $0.021 | $0.084 |
Additional AWS infrastructure costs
Type | Cost |
|---|---|
EBS General Purpose SSD (gp2) volumes | $0.10/per GB/month of provisioned storage |
Vendor refund policy
You may terminate the instance at anytime to stop incurring charges.
Legal
Vendor terms and conditions
Content disclaimer
Delivery details
64-bit (x86) Amazon Machine Image (AMI)
Amazon Machine Image (AMI)
An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.
Version release notes
Additional details
Usage instructions
STARTING THE SERVER
After launching, the VPN server becomes immediately fully operational with no additional setup required.
Linux username: admin
This server supports VPN connections:
PPTP (login, password)
L2TP without IPSec (login, password)
L2TP/IPSec-PSK (login, password, PSK).
When the server is first started, a Pre-Shared Key (PSK) is generated. This PSK key is the same for all VPN users. You can find PSK on a Linux welcome screen or you can find it in a file "/etc/ipsec.secrets". You can change it, if needed.
User management Web Panel:
https://Server_IP_Address/daloradius/
Please use "administrator" as username and your instance ID as password.
When accessing the Control Panel using the HTTPS, your web browser may display a warning about potential risks due to the use of IP address in the URL. In this case, you should proceed and accept the risks, as our goal is to encrypt traffic, and there is no reason to worry about using IP address in a web browser.
WINDOWS-CLIENT SETUP
In order to establish L2TP/IPSec-PSK connection from Windows, you may need to make changes to the Windows registry, otherwise Windows error code 809 or 789 may appear. To fix it:
- in section "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PolicyAgent" please create DWORD (32 bit) parameter "AssumeUDPEncapsulationContextOnSendRule" and set value 2 for it.
- in section "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RasMan\Parameters" set parameter "ProhibitIPSec" to 0.
- restart Windows.
When creating a VPN connection on Windows, you can use the "Use the default gateway on remote network" checkbox in order to allow/deny sending all traffic through the VPN.
It should be noted that the simultaneous connections to this VPN server of several Windows client devices that located behind a single NAT router may not work with L2TP-IPSec-PSK. In this case, we recommend to use PPTP connection for each Windows device.
CONNECTION OF 2 COMPUTERS THROUGH VPN
Web Panel allows you to assign static (fixed) or dynamic IP addresses to VPN clients.
When the server starts for the first time, it creates 2 test users: "user1" (10.1.1.10) and "user2" (10.1.1.20) with randomly generated passwords, so you can try to establish 2 simultaneous VPN connections from 2 different computers to check the visibility of these computers through this VPN server. You can find passwords for these users on a Linux SSH welcome screen or in user management web panel.
After 2 VPN connections Client-Server have been established, you can ping both of your client computers to make sure that they can see each other: in Windows computers you can click "Run..." menu item of Start Menu, then print "cmd" to open Command Prompt and then execute command: "ping 10.1.1.20" (or "ping 10.1.1.10" on another computer respectively).
After successfully completing the ping test, you can establish the secure connection between remote computers via VPN. In Windows computers, you can click "Run..." menu item of Start Menu and execute the command like "\\10.1.1.20\" to see the shared folders of another computer.
ADDITIONAL INFO
phpMyAdmin:
https://ipaddress/phpmyadmin/
Default username for phpMyAdmin: "administrator", initial password is your instance ID.
By default, access to phpMyAdmin is denied in .htaccess file: /usr/share/phpmyadmin/.htaccess
In addition to the web control panel, you can manage user accounts directly through MySQL (port 3306, username: remote, password is your instance ID, database: radius, table: radcheck - list of users, table: radusergroup - access status for users). The database is readable and writable via 3306 port.
The default local network is 10.1.1.0/24. To change the local network (for example, to 192.168.50.0/24) please run: 'sudo bash /home/admin/set_network.sh 192.168.50.0'
Resources
Vendor resources
Support
Vendor support
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Similar products
Customer reviews
A few words after creating of a small local network
Well, I finally found the option to reserve static ip addresses for vpn users so after establishing a vpn connection, the user receives his reserved ip address. On any server, this could be done through editing the config files, but in this server it is implemented through the control panel. It is definitely very convenient especially if you plan to edit the list of users frequently. For some reasons, access to the local computer by domain name does not work for me in my network, but the ability to access by fixed ip address solved the problem. Another thing that I would like to point out is the possibility to enable or disable passing all traffic through the vpn is controlled on a client side. Thus I am quite satisfied with this server, but cannot give the maximum rating due to problems with domain names. Hope it gets resolved.