Nethserver on EC2 and VPN tunnel

NethServer Version: 7.9.2009
Module: Network, Firewall, IPSec

Hi, I’m having some problems trying to deploy a VPN net2net tunnel using NethServer on a EC2 instance. This is what I did:

Deployed a EC2 centos 7 instance on a public subnet
Installed NethServer
Configured the main network interface as red (WAN)
Configured the firewall to allow VPNs

I did the same on another EC2, different account and network settings, but the tunnel remains down (Not active). I’m quite sure the problem is related to the network configuration, since I’m not really shure how to tell NethServer I’m in a public subnet with a public IP assigned.

Network A

Network B

Same configuration, but reversed.

I opened all the traffic on both the security groups.


And Welcome to the NethServer community.

First of all: A VPN connects Internal IP networks together - not external public IPs…

So you’ll need this on both servers:[]=dummy

Adapt the instructions so that you have two distinct internal networks for the VPN:



My 2 cents

Note: A 172.16.x.x is NOT a public, routable IP! It’s a private class subnet equivalent to 10.x.x.x or 192.168.x.x or 172.16.x.x-

1 Like

Thank you for the answer.
I know the difference between a public address and a private address; I also followed the wiki about creating the dummy interface; so now this is how the configuration looks like:

On both sides (clearly the subnets are different). Still, the tunnels are marked as “Not active”. I don’t quite understand what the dummy interface is useful for; i read that the VPN require a red and a green interface to work properly; the tunnel remains down anyway.

Ok, I had the great idea to check the logs and found that actually the two machines were trying to enstablish the tunnel but were failing the authentication because of the identifier; fixed that and now the tunnels are up. Thanks a lot!