
Overview

Product video
This offering is locked to 5 connections. If you need the flexibility to scale, we recommend our PAYG listing instead: https://aws.amazon.com/marketplace/pp/prodview-f5qcwyw2gy256
Access Server for AWS delivers the best-of-breed VPN solution for secure remote access, site-to-site VPN and secure SaaS access for organizations of all sizes. Our award-winning open-source protocol is the industry standard for accessing private information securely, ensuring safe access to internal data and delivering zero-trust network access.
Access Server for AWS is a self-hosted VPN software that provides rapid deployment for secure remote access with a built-in web-based user interface for ease of use. Access Server provides an extra layer of security, with end-to-end encryption and granular access control to limit the risk of exposed data for remote users, site-to-site connectivity, or securing SaaS access and IoT devices. Certificate PKI management provides simplified installation and configuration. Additional features include balancing traffic across a cluster of Access Servers with DNS round robin and tunneling only your private traffic, optimizing your network bandwidth and making your environment more secure.
Access Server for AWS technical support and onboarding is available 24/7. Schedule a demo at https://hs.openvpn.net/request-demo .
OpenVPN client software accommodates Windows, macOS, Linux, Android, iOS, and ChromeOS environments. Includes a built-in local authentication system and support for authentication with Active Directory, PAM, LDAP, RADIUS, SAML, and even a custom Python3 authentication module is possible.
Our subscription model is based on the number of concurrent connected devices. The tiered instance type comes in various sizes and is locked to the specific size. The cost for the software subscription for the chosen tier is charged directly through Amazon. This means these instances get a subscription automatically at launch and are suitable for automated launch and autoscaling scenarios.
Highlights
- This offering is locked to 5 connections. If you need the flexibility to scale, we recommend our PAYG listing instead: https://aws.amazon.com/marketplace/pp/prodview-f5qcwyw2gy256
- A self-hosted scalable secure remote access, site-to-site VPN solution to give your employees the freedom to work securely with end-to-end encryption for accessing SaaS, the internet, and company resources. Essential security controls needed to evolve from a trusted-perimeter security model to an identity-based ZTNA approach.
- OpenVPN client software that accommodates Windows, macOS, Linux, Android, iOS, and ChromeOS environments. Includes a built-in local authentication system and support for authentication with Active Directory, PAM, LDAP, RADIUS, SAML, and even a custom Python3 authentication module is possible.
Details
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Buyer guide

Financing for AWS Marketplace purchases
Pricing
Free trial
- ...
Dimension | Cost/hour |
|---|---|
t3.small Recommended | $0.096 |
t2.micro | $0.096 |
t3.micro | $0.096 |
d3.8xlarge | $0.096 |
c5ad.xlarge | $0.096 |
c5n.18xlarge | $0.096 |
c5a.8xlarge | $0.096 |
c6i.12xlarge | $0.096 |
r5.metal | $0.096 |
c5ad.2xlarge | $0.096 |
Vendor refund policy
Refunds are not provided, but you can cancel at any time.
Custom pricing options
How can we make this page better?
Legal
Vendor terms and conditions
Content disclaimer
Delivery details
64-bit (x86) Amazon Machine Image (AMI)
Amazon Machine Image (AMI)
An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.
Version release notes
Additional details
Usage instructions
For instructions on using the OpenVPN Access Server appliance on the AWS Marketplace, please visit https://openvpn.net/as-docs/aws-tiered.html
Resources
Vendor resources
Support
Vendor support
For product activation to succeed your firewall and/or security group settings must allow connections to our online activation servers - details can be found in our FAQ section here: https://openvpn.net/aws-frequently-asked-questions/ . If you experience any problems, you can register for a free account on our website here: https://openvpn.net/support-for-aws/ and then open a support ticket so our technical team can assist you.
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Standard contract
Customer reviews
Secure remote access has streamlined our hybrid cloud workflows and reduced onboarding effort
What is our primary use case?
I use OpenVPN Access Server as a VPN to access many of the applications. For example, I access a DataDog website where I monitor many tools and all, using OpenVPN Access Server .
I have been using OpenVPN Access Server for about 12 to 13 months, and our main use is managing secure remote access for our internal teams and technical engineers who need to connect to our private cloud infrastructure and staging environments. We rely heavily on it to establish stable, secure connections so the team can access databases, internal applications, and server dashboards safely from anywhere.
We use a hybrid cloud setup for our deployment of OpenVPN Access Server, which is hosted on virtual machines within our private cloud infrastructure to securely gatekeep our internal applications, main databases, and core staging environments.
For public cloud resources in our hybrid setup, we primarily use AWS and Microsoft Azure to host several of our front-facing applications, customer portals, and some record testing environments. Having OpenVPN Access Server tied into this mix is great because it allows our team to securely hop between our internal private network and these public cloud resources without needing multiple different VPN clients or configuration setups.
What is most valuable?
OpenVPN Access Server offers a secure remote access VPN, web-based administration console, multi-factor authentication MFA support, integration with LDAP, Active Directory, RADIUS, SAML, centralized user and device management, client software for Windows, macOS and Linux OS, Android and iOS.
The admin web UI is easily at the top of the list of best features, making managing user access and subnets incredibly simple without having to mess around with a command line. Another standout is the built-in client portal that lets users log in and download their own pre-configured profiles, saving the IT team a ton of manual setup. Additionally, it has a multi-factor authentication code that flexibly integrates with Active Directory and provides the enterprise-grade security we need.
Overall, OpenVPN Access Server has positively impacted our organization by giving us a highly reliable, stable environment for remote work. We handle critical infrastructure and having a secure gateway that doesn't drop connections unexpectedly is a huge win. It has greatly improved our security posture without adding administrative headaches because our engineers and technical teams can securely connect to private cloud resources and databases from anywhere without a hitch, ensuring our support and operational workload runs smoothly around the clock.
What needs improvement?
The main area for improvement is the pricing model, as the concurrent user license gets expensive quickly as our organization grows. More flexible or tiered pricing options would be a huge plus. Another area is the configuration disconnect, where while the admin web UI handles about 90% of what we need, the moment we need deep advanced routing customizations or to tweak specific variables, we still have to drop back into the command-line interface to make those changes. It would be great to see these deeper configurations fully integrated into the web portal. Additionally, native support for newer, lighter protocols like WireGuard built straight into the platform alongside standard OpenVPN for better performance efficiency would be beneficial.
For how long have I used the solution?
I have been working in my current field for almost 15 to 15 plus years.
What do I think about the stability of the solution?
OpenVPN Access Server is very stable, and we have a hassle-free work experience using it.
What do I think about the scalability of the solution?
OpenVPN Access Server's scalability is much better, ensuring we can handle our growing needs.
How are customer service and support?
For customer support, I rate OpenVPN Access Server 9 out of 10. The ticketing system is responsive, and the technical team knows the product inside and out. Additionally, with such a massive community, we can almost always find immediate answers in their forum or documentation without needing to open a ticket. My advice is to map out your user access groups and routing subnets before configuring the server; this makes it easier to enforce least privilege.
Which solution did I use previously and why did I switch?
We previously relied on a legacy IPsec VPN solution and the standard open-source community edition of OpenVPN. We switched due to the administrative bottleneck, as managing the open-source version required our team to handle everything through the command-line interface, creating individual user configuration files to track down connection failures. It did not have a centralized dashboard or a user portal, which resulted in a massive number of internal support tickets. Moving to OpenVPN Access Server solved all of that by providing the web admin portal and seamless SAML integration, completely automating user management and relieving our administrators.
What was our ROI?
Regarding the return on investment from OpenVPN Access Server, it really comes down to the drastic drop in onboarding and engineering time. Before we implemented it, our senior technical staff had to spend 20 to 30 minutes per user manually generating cryptographic keys, setting up routing rules, and securely transferring profile files to each employee. This was a significant drain on highly skilled personnel, but now with our SAML identity provider integration, the entire workflow takes under two minutes. The platform automatically reads the user role and maps them to the correct network subnets instantly, saving us countless hours of administration overhead every month, allowing our engineering team to focus on managing critical infrastructure rather than grinding through access tickets. For us, that efficiency completely justifies our licensing cost.
What's my experience with pricing, setup cost, and licensing?
The pricing for OpenVPN Access Server is fine and very straightforward, and we did not face any hassles accessing it. The pricing, setup cost, and licensing were within our limits and budget, making it very user-friendly.
Which other solutions did I evaluate?
Before choosing OpenVPN Access Server, we evaluated other options, looking closely at WireGuard and Cisco AnyConnect. Cisco AnyConnect was a strong enterprise contender, but it felt overly complex for our hybrid cloud needs and required locking into their ecosystem, which we wanted to avoid. We valued WireGuard for its raw connection speed and lightweight protocol, but it lacked the necessary enterprise features including a built-in administrative web portal, straightforward SAML integration, and robust access control list. Ultimately, OpenVPN Access Server won out because it offered the ease of management and advanced user governance features we needed.
What other advice do I have?
If I had to give advice to others looking into using OpenVPN Access Server, my biggest recommendation is to carefully map out your user access groups and routing subnets on paper before diving into the configuration. The platform makes it incredibly easy to enforce least privilege and zero-trust principles, but the setup goes smoother if you have a clear architecture of who needs to access what private resources. Utilize the two free concurrent connections to test your identity provider integration, enforce multi-factor authentication, and provide the automation workflow during the testing phase to illustrate how much administrative time you will save, making it easier to justify the licensing cost when scaling up. I rate my overall experience with OpenVPN Access Server an 8 out of 10.
Which deployment model are you using for this solution?
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Easy to Use, Quiet in the Background, and Regularly Updated
Intuitive Interface and Easy Network Profile Switching Across Any OS
Easy to Deploy, User-Friendly, Powerful and Reliable VPN.
Pricing can also become a concern as the number of users grows, since the licensing model may feel expensive compared with alternatives like WireGuard-based solutions or cloud-native VPN options. Integrations are functional, but they are not always as seamless as expected with modern identity providers, monitoring tools, or cloud environments.
Performance is generally stable, but depending on configuration and server resources, throughput may not always match lighter VPN solutions. It would be helpful to see a more modern UI, simpler deployment guides, clearer pricing tiers, stronger built-in monitoring, and easier integration with cloud platforms and identity management systems.
The main benefit is that it gives us a centralized way to manage VPN users, permissions, and connections. This is especially useful for teams that need to access private resources from different locations. It also helps reduce risk by keeping sensitive services behind the VPN instead of opening ports publicly.
Overall, OpenVPN Access Server provides a practical and reliable solution for remote connectivity, secure server access, and controlled network access. It benefits us by improving security, simplifying remote work, and giving administrators better visibility and control over who can connect to the network.