Launch the server. This server does not require the powerful computing resources - you can choose basic instance type like B1ls, B1s, B1ms etc. After launching, this server is immediately fully operational. No server setup required.
Linux username: azureuser
User management Web Panel:
http://ipaddress/ or
https://ipaddress/ (recommended)
(Use "administrator" as username and last 12 characters of your Virutal Machine ID (VmId) as password)
When accessing the Web Panel or downloading ZIP archive using the HTTPS protocol, your web browser may display a warning about potential risks due to the use of IP address in the URL. In this case, you should proceed and accept the risks, as our goal is to encrypt traffic, and there is no reason to worry about using IP address in a web browser.
User authentication is based on certificates and credentials (username/password). Server certificates are automatically generated and installed on the server when the instance is launched for the first time, or after the server is restarted with a changed IP address. Client certificates can be downloaded as a ZIP archive from the User management Web Panel. ZIP file contains:
- "client-cert.p12" - file containing 2 certificates required for a client device: a Client Certificate and Trusted Root Certificate. Password to install this certificate: "vpn"
- "install-cert-win.bat" - a file that automatically installs certificates on Windows computers.
- "cert-console.msc" - certificate management file for Windows (to open the certificate management console just double-click this file). Certificate management console can be used to view, add or remove certificates in Windows.
- "qr.png" - a QR-code that contains a link to easily download the certificate to a mobile device.
INSTALLING CERTIFICATES ON WINDOWS COMPUTERS (this method works for all versions of Windows)
Certificates should be installed into store "Local Computer". To do it, simply double-click the file "install-cert-win.bat" (administrator account required). As a result, the client certificate "vpnclient@xx.xx.xx.xx" will be installed to "Local Computer"->"Personal"->"Certificates" store, and the certificate "ADEO VPN root CA" will be installed to "Local Computer"->"Trusted Root Certification Authorities" store. The Certificate management console (double-click the file "cert-console.msc") can be used to check the installed certificates.
CREATING A VPN CONNECTION ON WINDOWS COMPUTERS
The VPN connection should include: - VPN Type: IKEv2
- Extended Authentication Protocol (EAP): EAP-MSCHAP v2
- Server address: public IP address of the server
INSTALLING CERTIFICATES AND CREATING A VPN CONNECTION ON ANDROID DEVICES.
1. Upload the file "client-cert.p12" to Android device and click on it. Install certificates using password "vpn"
2. Create a VPN connection. As a VPN client for Android, it is recommended to use the application "strongSwan VPN Client", which is available on Google Play. The VPN connection of "strongSwan VPN Client" should include:
- VPN Type: IKEv2 Certificate + EAP (login and password)
- User Certificate: "Client's VPN Certificate"
- CA Certificate: select automatically
- Server address: public IP address of the server
If you decide to use the standard Android VPN client, then the settings should include:
- Type: IKEv2/IPSec MSCHAPv2
- Both certificates: "Client's VPN Certificate"
- Server address: public IP address of the server
ADDITIONAL INFO
For more convenience, phpMyAdmin (database management) is available at:
http://ipaddress/phpmyadmin/ or
https://ipaddress/phpmyadmin/ (recommended)
default username for phpMyAdmin: administrator
initial password: last 12 characters of your Virtual Machine ID (VmId)
By default, access to phpMyAdmin is denied in file "/usr/share/phpmyadmin/.htaccess"
