Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Using a VPN to amazon EC2 instance

Posted on 2015-01-28
10
Medium Priority
?
220 Views
Last Modified: 2015-03-03
I have a Windows 2012 EC2 Instance that I'm launching on Amazon and I want to connect to it from a few different computers using a VPN.

What is the best way to go about this? Is it possible to use the Windows built in VPN client using IPsec?
0
Comment
Question by:Gerhardpet
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
  • 2
10 Comments
 
LVL 30

Expert Comment

by:Kerem ERSOY
ID: 40577652
Hi,

Can you clarify your question? I am not sure I understand what is that you want. You say you have Windows 2012 Instance and you want to connect it through VPN. If you want strong authentication and encryption this is definitely the way to go. Otherwise you'd open your Remote management port to the world which would be very dangerous.

In your second part you say something but what is the alternative? what VPN Server you're using? Is there a separate VPN service?  Are you using the Windows Built In VPN server? If you're using the Built in VPN server you can easily use the built in IPSec client. What are you current options?  The IPSec is good and widespread but it is not go through in most corporate environments to it. Also the implementation is relatively complex when compared to a SSL VPN.

Until you could elaborate your question this is all I could say to you .

Cheers,
K.
0
 
LVL 1

Author Comment

by:Gerhardpet
ID: 40577966
Correct I want to avoid opening the 3389 port for remote desktop access.

What I'm trying to accomplish is connect from my computer from any ISP to the Windows 2012 instance.

How would I use the built in VPN server in the Windows 2012 instance?
0
 
LVL 30

Expert Comment

by:Kerem ERSOY
ID: 40578186
Ok. If this is the case I'll suggest you to use SSTP VPN rather than IPSEC or PPTP. PPTP has a limited bandwith and limited implementation problem. IPSEC requires some TCP packets to be sent along with TCP and UDP ports due to complex implementation. SSTP requires you  to access a single port 443. If you're using this port for your application then you can remove it to a different port.

Here's an article on how to setup SSTP VPN over 2012 Server:
http://www.petenetlive.com/KB/Article/0000819.htm
Another one is here:
http://advancedhomeserver.com/windows-server-2012-sstp-vpn/

Unfortunately Microsoft TechNet documentation on SSTP is a bit stale this is why I've suggested some third party sources for setup.

Cheers,
K.
0
Put Machine Learning to Work--Protect Your Clients

Machine learning means Smarter Cybersecurity™ Solutions.
As technology continues to advance, managing and analyzing massive data sets just can’t be accomplished by humans alone. It requires huge amounts of memory and storage, as well as high-speed processing of the cloud.

 
LVL 30

Expert Comment

by:Kerem ERSOY
ID: 40578198
Another option is setting up OpenVPN. OpenVPN implements SSL based VPN and open source and free. There are lots of information over internet for setup. Ican provide you some if you're interested.
0
 
LVL 1

Author Comment

by:Gerhardpet
ID: 40580303
Using Open VPN would't that require an EC2 instance?
0
 
LVL 33

Expert Comment

by:shalomc
ID: 40581506
The recommended way is to launch your EC2 instance inside a VPC, and then map a VPN link between the VPC and your office network.  Of course, if you don't have an office this is irrelevant.. :(
1
 
LVL 1

Author Comment

by:Gerhardpet
ID: 40581625
I have an office but both users connecting to the server are on the road for the most part
0
 
LVL 33

Expert Comment

by:shalomc
ID: 40582198
If you have one of these in your office, then you can configure a permanent VPN link between the office and Amazon, and let your users connect via the office VPN connection.
https://aws.amazon.com/vpc/faqs/#C9
0
 
LVL 1

Accepted Solution

by:
Gerhardpet earned 0 total points
ID: 40622128
I ended up hiring a firm to so the setup for me. Too complicated and I couldn't figure it out.
0
 
LVL 1

Author Closing Comment

by:Gerhardpet
ID: 40641591
No answer
0

Featured Post

Will your db performance match your db growth?

In Percona’s white paper “Performance at Scale: Keeping Your Database on Its Toes,” we take a high-level approach to what you need to think about when planning for database scalability.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Originally, this post was published on Monitis Blog, you can check it here . It goes without saying that technology has transformed society and the very nature of how we live, work, and communicate in ways that would’ve been incomprehensible 5 ye…
There’s a movement in Information Technology (IT), and while it’s hard to define, it is gaining momentum. Some call it “stream-lined IT;” others call it “thin-model IT.”
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…

664 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question