How to setup a VPN server in AWS

We are listed in AWS Marketplace, this guide helps you to set up an AWS EC2 instance with our marketplace AMI and On-Premise option.

With the On-Premise option, you can bring in any Ubuntu 20.04 loaded server with a public IPV4 address. It can be at your premise or a physical server located in a data center or a virtual machine (except containers) with a cloud provider on your own account.

Please follow the following instructions to complete the VPN server setup.

1. Create an EC2 instance first. On the Amazon Machine Image (AMI) selection page, select AWS Marketplace from the left side menu options, and search for utunnel. You should see UTunnel VPN in the search result. Click the Select button on the right side and proceed with instance launch.


2. Log in to our dashboard and click on the Create Server button at the top right to create a new server.


3. You will land on the Create Server screen. Here you can provide your billing address details. This step is optional, you can either provide the details and click on the Proceed button or select the Skip button to do it later from the My Account tab on your dashboard.


4. The next step is to select the On-Premise option and enter the server details as given below:

  • Package: You can select from Basic or Standard subscription options
  • Server Type: Select On-Premise
  • Server Name: An easily identifiable name of your choice
  • IP address: Enter the IP address of the newly created EC2 instance
  • VPN accounts: Select the number of VPN accounts you want to purchase
  • Coupon: Enter if you have any coupon available

Click the Proceed button toward the right bottom of the screen.


5. You will be now on the Order Summary screen which displays the details of your order. Click Proceed.

6.  Now enter your credit card details as required on the screen and click on the Pay Now option.

7. You will be redirected to the dashboard now. Here you can see the status of server creation.


8. You will be redirected to the Server Details screen where the registration token is displayed. Please copy the registration token to a safe place, this token is required when you deploy the server.


9. Connect to your server via SSH and complete the registration process. You may need to provide the registration token obtained in Step #8 to complete the registration process. Once the registration is complete, your server will be ready to use. You may run the following commands to register your instance and start UTunnel service on it.

sudo /utunnel/bin/utnservice register YOUR_REGISTRATION_TOKEN

Now it's the time to start UTunnel Service on your server. Run the following command for the same.

sudo /utunnel/bin/utnservice start

Remember to replace the string YOUR_REGISTRATION_TOKEN in the first command with the actual registration token obtained in step #8

10. You also have to make sure that inbound connections to the following ports are allowed to accept VPN connections.

Ports used for OpenVPN connections

  • TCP 443
  • UDP 443
  • UDP 53 (if scramble/obfuscate VPN is enabled)

Ports used for IPSEC connections

  • UDP 4500
  • UDP 500

Ports used for managing UTunnel services like live sessions, firewall, and site-to-site tunneling.

  • TCP 38081

Now your VPN server with AWS is ready to be used. You can invite users into your server and start using the VPN.

Popular Support Articles

How to Update an On-Premise VPN Server

How to Set up a Hetzner VPN Server With UTunnel

Setup UTunnel On-Premise server with Oracle Cloud

How to Deploy a Cloud VPN server

How To Redeploy On-Premise VPN Server

How to set up a UTunnel VPN Server with Vultr