Niflheim VPN
Niflheim is a cutting-edge VPN server designed to virtualize private networks between data centers. It provides fast and seamless remote access in a matter of minutes and focuses on the highest security standards while delivering excellent performance. This makes Niflheim an ideal solution for businesses that need to protect confidential data without sacrificing speed or efficiency.
Main features
- Support for IKEv2 with strong cryptographic keys, such as AES-GCM, SHA2, and P-256, for iOS, macOS, and Linux.
- Support for WireGuard on all of the above platforms, as well as Android and Windows 10.
- Creating configuration files (
.conf) and QR codes for WireGuard clients on iOS, macOS, Android, and Windows. - Creating Apple profiles for automatic IPsec setup on iOS and macOS devices, with no client software required.
- Adding and removing users easily and quickly.
- Optional ad blocking using a local DNS resolver.
- Enabling DNS-over-HTTPS (DoH) by default for all clients and requests.
Warning
After you create a VM, the generation of product settings starts automatically. This usually takes about five minutes. During this period, SSH access will be unavailable. This step is essential for complete and secure setup.
-
Get an SSH key pair for connection to the VM.
-
Create a security group in the network where you will deploy the Niflheim VPN VM and configure the following rules:
Traffic direction Port range Protocol Destination / Source CIDR blocks Inbound 22 TCP CIDR 0.0.0.0/0 Inbound 500 UDP CIDR 0.0.0.0/0 Inbound 4500 UDP CIDR 0.0.0.0/0 Inbound 51820 UDP CIDR 0.0.0.0/0 Security groups are used in Yandex Cloud services to control network access to the object they apply to. If you assign a security group without rules to the network interface of a VM, the VM will not be able to send or receive traffic.
-
Create a VM from a public image:
-
Under Boot disk image on the Marketplace tab, enter
Niflheimin the Product search field and select the Niflheim VPN public image. -
Under Network settings, in the Security groups field, select the security group you created previously.
-
Under Access:
- Enter the username in the Login field.
- In the SSH key field, select from the list the SSH key you got earlier.
-
Click Create VM.
-
-
Wait until the VM status switches to
Running.You can use the serial console to monitor the installation progress.
-
Connect to the VM over SSH Use the username you set when creating the VM and the private SSH key you got earlier.
-
Upgrade privileges to
root:sudo su -
Get the administrator password from the
ca-password.txtfile:cat /opt/niflheim/ca-password.txt -
Get the admin credentials for the web interface:
cat /opt/niflheim/admin_access_ui.txt
The web interface is available on port 80.
Make sure to keep the service account password and web interface admin password safe, and do not share confidential information publicly.
- Creating VPN tunnels.
- Securely accessing company resources.
- Connecting network infrastructures through a VPN tunnel.
OpenNix
OpenNix provides technical support to Yandex Cloud users. You can contact their support team at support@opennix.ru. Support is available on business days from 9 a.m. to 6 p.m., GMT+3.
Yandex Cloud
Yandex Cloud does not provide technical support for this product. If you have any issues, please refer to the vendor’s information resources.