1. Launch the server. This server does not require the powerful computing resources; you can choose a simple instance type.
2. Attach the elastic ip to the instance (recommended).
Linux username: admin
After launching, the VPN server becomes immediately fully operational with no additional setup required.
This server supports VPN connections:
When the server is first started, a Pre-Shared Key (PSK) is generated. This key should be specified in the settings on client devices for L2TP/IPSec-PSK connections. This key is the same for all users. You can find PSK with help of SSH on a Linux welcome screen or you can find it in the file "/etc/ipsec.secrets". You can change it, if needed.
User management Web Panel:
https://[Public IP address]
use "administrator" as username and your instance ID as password.
Initially, the database of VPN users contains 1 user named "testuser" with randomly generated password.
When accessing the Control Panel using HTTPS, your web browser may display a warning about potential risks due to the use of IP address in the URL. In this case, you should proceed and accept the risks, as our goal is to encrypt traffic, and there is no reason to worry about using IP address in a web browser.
Web panel description:
https://www.adeoclouds.eu/webpanel.php?server=2
Please note that in order to establish L2TP/IPSec-PSK connection from a client on Windows, you may need to make changes to the Windows registry, otherwise Windows error code 809 or 789 may appear. To fix it:
- in section "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PolicyAgent" create a DWORD (32-bit) parameter "AssumeUDPEncapsulationContextOnSendRule" and set value 2 for it.
- in section "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RasMan\Parameters" set the parameter "ProhibitIPSec" to 0.
- restart Windows.
For Windows computers, we recommend our utility to easily create a VPN connection in one click:
https://www.adeoimaging.com/vpn_connector.php
Despite the fact that this server supports VPN connection via the L2TP without IPSec, it should be noted that such VPN tunnel can not be considered as secure. Therefore, we recommend using L2TP-IPSec-PSK or PPTP on client devices instead of L2TP without IPSec, if possible.
It should be noted that the simultaneous connections to the VPN server of several Windows client devices that are located behind a single NAT router may not work with L2TP-IPSec-PSK. In this case, we recommend to use PPTP connection for each Windows device. There are no such problems for Android, iOS or Linux client devices.
ADDITIONAL INFO
phpMyAdmin (database management):
https://[Public IP address]/phpmyadmin/
Default username for phpMyAdmin: "administrator", initial password is your instance ID. By default, access to phpMyAdmin is restricted in "/usr/share/phpmyadmin/.htaccess"
Access to the Database via Port 3306:
By default, for security reasons, access to the server through port 3306 is closed. However, the database includes a user named "remote," who has read and write access to the database if this port is opened. This can be useful for managing users remotely via MySQL queries.
Username: "remote", password is your instance ID, database: "radius", tables: "radcheck" - list of users, "radusergroup" - access status for users (Enabled/Disabled).
