Elastic Cloud Gate

AWS Blog

How to setup RRAS SSTP VPN on AWS VPC with Active Directory Authentication – Step by Step – Part 7

In this article we will explain step by step how to setup Windows RRAS SSTP VPN on AWS VPC with Active Directory Authentication.

Part 1 – Setup VPC
Part 2 – Launch EC2 Instance for Active Directory Server and RRAS Server
Part 3 – Setup Active Directory / Domain Controller
Part 4 – Setup RRAS
Part 5 – Configure Active Directory Certificate Service
Part 6 – Configure RRAS
Part 7 – Adjust VPC Configuration
Part 8 – User Computer Configuration

Part 7 – Adjust VPC Configuration

1. Login to AWS Console
2. Go to EC2, select Instances
3. Select RRAS server and from the Actions menu select Networking->Change Source/Dest. Check


4. Click Yes, Disable


5. Go to VPC section, click Subnets
6. Select your private subnetwork
7. From the Summary tab click Route table


8. Select route table, and go to Routes tab


9. Click Edit and click Add another route
a. As destination enter the network IP that you specified as the pool of addresses that will be assign to VPN client – in our example that was – so the destination IP will be
b. Under Target select your RRAS server
c. Click Save


10. You might also adjust rule of other security groups to allow access from client computer over VPN. For example to allows RDP to domain controller you have to allows traffic from VPN subnetwork which in our case is


, ,

Leave a Reply