Skip to main content
You can deploy the VPN agent directly in your cloud environment to scan resources inside your VPCs and virtual networks. Both AWS and Azure are supported through their respective marketplaces.
VPN profiles require the Internal network scanning add-on.

Deploying on AWS

The VPN agent is available as a pre-configured AMI on the AWS Marketplace.
1

Launch from AWS Marketplace

Go to the Pentest-Tools.com VPN Agent on AWS Marketplace and click Continue to Subscribe.
2

Configure the instance

Choose your instance type (t3.micro or larger) and select the VPC and subnet where your targets are located.
3

Configure the security group

The agent only needs outbound TCP port 22 to vpn2.pentest-tools.com. No inbound ports are required, though you may want SSH access (port 22 from your IP) for management.
4

Activate the agent

SSH into the instance as ubuntu using your key pair. An interactive prompt asks for your VPN UUID (found on the VPN Profiles page). Enter the UUID, and the agent starts automatically.
SSH access is removed from the instance after initial setup. Complete all network or OS-level configuration before entering the VPN UUID.
5

Verify connection

Check that your VPN profile shows as Online in the dashboard.

Instance recommendations

SpecificationRecommendation
Instance typet3.micro or larger
Storage10 GB gp3

Multi-VPC scanning

To scan resources across VPCs, you can use VPC Peering or Transit Gateway to route traffic, or deploy a separate agent in each VPC.
You can also deploy the VPN agent using the Docker image on any cloud VM instead of using the marketplace images. The marketplace images are pre-configured.