Listing Thumbnail

    Internet Access VPN Server IKEv2 EAP-MSCHAPv2 with a Control Panel

     Info
    Free Trial
    AWS Free Tier
    This product has charges associated with it for support and pre-configuration of additional packages such as FreeRadius Authorization Server and User Management Web Panel. This VPN server is designed to provide the secure internet access for computers and mobile devices. Easy-to-use. After launching, this VPN server is immediately fully operational. No server setup required. User authentication is based on certificates + username/password. The VPN server has a convenient user management Web Panel. User Management Web Panel allows you to add, delete or edit user records, see the volumes of transmitted traffic, disconnect an existing connection etc. Remote user management via MySQL queries (port 3306) is allowed. Suitable for use by individuals, for small companies as well as for companies that provide access to VPN services.
    Listing Thumbnail

    Internet Access VPN Server IKEv2 EAP-MSCHAPv2 with a Control Panel

     Info

    Overview

    IKEv2 EAP-MSCHAPv2 Internet Access VPN Server based on StrongSwan® technology with RADIUS authentication and User Management Web Panel. This VPN server is intended to provide the secure internet access for computers and mobile devices. It uses AES-256 encryption, which is currently considered strong enough to protect against brute-force attacks. This VPN server is easy-to-use. After launching, it is immediately fully operational. No server setup required. User authentication is based on certificates and credentials (username/password). The speed of data transfer through VPN using IKEv2 protocols is much higher than with OpenVPN encryption with the same computing power of servers. High efficiency of this IKEv2 EAP-MSCHAPv2 VPN server allows using it even on low-performance machines, that may reduce the costs. You can choose a simple instance type like t3.micro, t3.small, t3.medium etc. This VPN server provides a stable VPN connection at the highest possible speed. There is no user limit imposed on the VPN server. It is recommended to determine the number of users based on the server capacity and the actual load experienced by the server. The server works with client devices on Windows, Linux, Android and iOS. To connect Android devices to this server, there is a special application "strongSwan VPN Client" that is more convenient than a standard Android VPN application.

    Areas of use:

    • IKEv2 EAP-MSCHAPv2 VPN server can be used to provide the secure internet access for computers and mobile devices.
    • This VPN server can be used to provide internet access in countries where the authorities restrict the Internet.
    • Suitable for use by individuals, for small companies as well as for companies that provide access to VPN services.

    The key features of this VPN Server:

    • Easy-to-use. After launching, this VPN server is immediately fully operational. No server setup required.
    • This server works with client devices on Windows, Linux, Android and iOS.
    • Authentication with certificates (IKEv2) + username/password (EAP-MSCHAPv2).
    • It uses AES-256 encryption, which is currently considered strong enough to protect against brute-force attacks.
    • A convenient VPN client for Android ("strongSwan VPN Client") that has more features than a standard Android VPN client
    • User Management Web Panel. You can add, delete or edit user records. You can see which users are online, you can see the volumes of transmitted traffic. Remote user management via MySQL (port: 3306) is supported.
    • Very high speed of the VPN channels. Optimal server configuration provides the highest possible data transfer rate.

    This server based on strongSwan® open source project © 2023 by The strongSwan Team

    Highlights

    • Easy-to-use. After launching, this VPN server is immediately fully operational. No server setup required.
    • Very high speed of the VPN channels. Optimal server configuration provides the highest possible data transfer rate.
    • It uses AES-256 encryption, which is currently considered strong enough to protect against brute-force attacks.

    Details

    Delivery method

    Delivery option
    64-bit (x86) Amazon Machine Image (AMI)

    Latest version

    Operating system
    Debian 11

    Typical total price

    This estimate is based on use of the seller's recommended configuration (t3.micro) in the US East (N. Virginia) Region. View pricing details

    $0.073/hour

    Features and programs

    Financing for AWS Marketplace purchases

    AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
    Financing for AWS Marketplace purchases

    Pricing

    Free trial

    Try this product at no cost for 5 days according to the free trial terms set by the vendor. Usage-based pricing is in effect for usage beyond the free trial terms. Your free trial gets automatically converted to a paid subscription when the trial ends, but may be canceled any time before that.

    Internet Access VPN Server IKEv2 EAP-MSCHAPv2 with a Control Panel

     Info
    Pricing is based on actual usage, with charges varying according to how much you consume. Subscriptions have no end date and may be canceled any time. Alternatively, you can pay upfront for a contract, which typically covering your anticipated usage for the contract duration. Any usage beyond contract will incur additional usage-based costs.
    Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator  to estimate your infrastructure costs.

    Usage costs (82)

     Info
    Instance type
    Product cost/hour
    EC2 cost/hour
    Total/hour
    t2.nano
    $0.063
    $0.006
    $0.069
    t2.micro
    AWS Free Tier
    $0.063
    $0.012
    $0.075
    t2.small
    $0.063
    $0.023
    $0.086
    t2.medium
    $0.063
    $0.046
    $0.109
    t2.large
    $0.063
    $0.093
    $0.156
    t2.xlarge
    $0.063
    $0.186
    $0.249
    t2.2xlarge
    $0.126
    $0.371
    $0.497
    t3.nano
    $0.063
    $0.005
    $0.068
    t3.micro
    AWS Free Tier
    Recommended
    $0.063
    $0.01
    $0.073
    t3.small
    $0.063
    $0.021
    $0.084

    Additional AWS infrastructure costs

    Type
    Cost
    EBS General Purpose SSD (gp2) volumes
    $0.10/per GB/month of provisioned storage

    Vendor refund policy

    You may terminate the instance at anytime to stop incurring charges.

    Legal

    Vendor terms and conditions

    Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .

    Content disclaimer

    Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.

    Usage information

     Info

    Delivery details

    64-bit (x86) Amazon Machine Image (AMI)

    Amazon Machine Image (AMI)

    An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.

    Version release notes

    Additional details

    Usage instructions

    STARTING THE SERVER

    1. Launch instance from AMI. Linux username: admin
    2. Attach Elastic IP address to the instance (recommended).

    After launching the server, it is immediately ready to work; no additional settings are required.

    User authentication: certificates + username/password. Server certificates are automatically generated and installed on the server when instance is launched for the first time or after starting the instance if IP address of the instance has changed. User certificates are the same for all users.

    ZIP archive containing client certificates can be downloaded using a web browser:

    • https://[Public IP address]/config/cert-download.php
    • use "config" as username and your instance ID as password.

    User management Web Panel:

    • https://[Public IP address]
    • use "administrator" as username and your instance ID as password.

    When accessing the Web Panel or downloading ZIP archive using the HTTPS protocol, your web browser may display a warning about potential risks due to the use of IP address in the URL. In this case, you should proceed and accept the risks, as our goal is to encrypt traffic, and there is no reason to worry about using IP address in a web browser.

    WINDOWS-CLIENT SETUP

    To set up the VPN client on Windows, you need to perform two main steps:

      1. Install client certificates on Windows.
      1. Create and configure an IKEv2 VPN connection with Extended Authentication Protocol (EAP) EAP-MSCHAP v2.
    1. Installing certificates on Windows computers.

    Unpack the previously downloaded ZIP archive into a separate folder. Certificates should be installed in the "Local Computer" store. To do this, simply run the file "install-cert-win.bat" (administrator account required). As a result, the client certificate "vpnclient@ec2-...amazonaws.com" will be installed to "Local Computer"->"Personal"->"Certificates" store, and the certificate "ADEO VPN root CA" will be installed to "Local Computer"->"Trusted Root Certification Authorities" store, as shown in the picture "cert-console.jpg". You can check this using the MMC console (double-click the file "cert-console.msc").

    1. Creating and configuring the IKEv2 VPN connection with Extended Authentication Protocol (EAP) EAP-MSCHAP v2.

    The VPN connection must be created using standard Windows tools. The VPN connection should include:

    • Server address: public IP address of the instance on AWS
    • VPN Type: IKEv2
    • Extended Authentication Protocol (EAP): EAP-MSCHAP v2
    • Credentials (username and password): see users on the Web Panel.

    ANDROID-CLIENT SETUP

    To set up the VPN client on Android, you need to perform two main steps:

      1. Install client certificates on your Android device.
      1. Install and configure the "strongSwan VPN Client" application from Google Play.
    1. Installing certificates on Android device.

    Upload the file "client-cert.p12" to your Android device and tap on it. Install the certificates using the password "vpn".

    1. Installing and configuring the "strongSwan VPN Client" application.

    Download and install the "strongSwan VPN Client" application from Google Play. Then, create a new profile.

    The profile for the "strongSwan VPN Client" should include:

    • Server address: public IP address of the instance on AWS
    • VPN Type: IKEv2 Certificate + EAP (login and password)
    • User Certificate: select a certificate that you installed
    • CA Certificate: select automatically

    If you decide to use the standard Android VPN client instead of the "strongSwan VPN Client", then the settings should include:

    • Server address: public IP address of the instance on AWS
    • Type: IKEv2/IPSec MSCHAPv2
    • Certificate: select a certificate that you installed

    ADDITIONAL INFO

    For more convenience, phpMyAdmin (database management) is available at:

    • https://[Public IP address]/phpmyadmin/
    • Default username for phpMyAdmin: "administrator", initial password is your instance ID.
    • By default, access to phpMyAdmin is denied in .htaccess file: /usr/share/phpmyadmin/.htaccess

    Support

    AWS infrastructure support

    AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.

    Similar products

    Customer reviews

    Ratings and reviews

     Info
    0 ratings
    5 star
    4 star
    3 star
    2 star
    1 star
    0%
    0%
    0%
    0%
    0%
    0 AWS reviews
    No customer reviews yet
    Be the first to write a review for this product.