Overview
ProL2TP L2TP/IPSec VPN Server can be used to implement a secure VPN. Provides encrypted remote access to on-premise, hybrid, and public cloud resources using industry-standard IPSec security. No client software is needed since L2TP/IPSec support is already built-in to typical Windows, MacOS, Chromebook, Linux and mobile OSes. Supports multiple Windows L2TP/IPSec VPN clients connecting from behind the same NAT gateway.
ProL2TP L2TP/IPSec VPN server uses IPSec client certificates for best-in-class security. Client certificates are automatically created when the appliance is provisioned and a certificate must be distributed to each VPN user to provide VPN access. The server can optionally be configured to also accept IPSec clients using a Pre-Shared Key (PSK), trading off ease of deployment with less security. VPN users are authenticated using either an internal RADIUS server or remote RADIUS servers.
Our licensing model is based on the number of concurrent connected clients. This makes it affordable for any size business and can easily grow with your company. The cost for the license is charged directly through Amazon. Instances are licensed automatically at launch.
ProL2TP L2TP/IPSec VPN Server Appliance is built on Ubuntu Focal and is also available with 20, 100 and 1000-user licenses.
Highlights
- Simple instance setup. Run a setup script to provision the instance, which generates IPSec client certificates and configures all software components ready for use. No additional client software is required in most environments, e.g. Windows, MacOS, Linux, and Mobile OS (Android and iOS) environments.
- Supports multiple L2TP/IPSec clients behind the same NAT device. VPN users are managed using a built-in RADIUS server or a remote RADIUS server.
- Unlike SSH-based VPNs, all data traffic is handled by the Linux kernel in the appliance. As a result, performance is optimal and scalable.
Details
Typical total price
$0.022/hour
Pricing
Free trial
Instance type | Product cost/hour | EC2 cost/hour | Total/hour |
---|---|---|---|
t2.micro AWS Free Tier Recommended | $0.01 | $0.012 | $0.022 |
t2.small | $0.01 | $0.023 | $0.033 |
t3.micro AWS Free Tier | $0.01 | $0.01 | $0.02 |
t3.small | $0.01 | $0.021 | $0.031 |
Additional AWS infrastructure costs
Type | Cost |
---|---|
EBS General Purpose SSD (gp2) volumes | $0.10/per GB/month of provisioned storage |
Vendor refund policy
no refunds
Legal
Vendor terms and conditions
Content disclaimer
Delivery details
64-bit (x86) Amazon Machine Image (AMI)
Amazon Machine Image (AMI)
An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.
Version release notes
Fix security issue: CVE-2021-4115. Although the VPN software does not use the affected component itself (polkit), the appliance contains several utilities which use it. This release updates polkit. To update an existing appliance, ensure that security updates from Ubuntu are installed.
Additional details
Usage instructions
When launching a ProL2TP VPN appliance, you will specify several parameters: VPC Settings: Select the VPC network or AWS EC2 network in which you would like to launch the instance. Region: Select the region you would like to launch your instance in. The default is US East (N. Virginia). AWS EC2 Instance Type: Select the instance type you would like to use for your newly launched instance. The micro or small instances should be appropriate for most small workloads, however, you may want to change the instance type to a higher tier if a higher demand is to be expected. You may change the instance type at any time.
After verifying the instance pricing details, initiate the launching process. You should then be able to access the instance on the AWS EC2 console. Allocate an Elastic IP address for your appliance so the IP address is not reclaimed in case of machine failure/shutdown. To do so, visit the Elastic IPs section in the left navigation panel. After launching your instance, login by ssh as user 'ec2-user' using the ssh key that you assigned to the instance. Run "sudo configure-vpn-server.sh" to configure the appliance. This is a simple, text-based application which asks for several parameters and configures the appliance ready for use. For full instructions, please go to https://docs.prol2tp.com/vpn-appliance/admin-guide
Resources
Vendor resources
Support
Vendor support
Support is provided using an online ticketing system (registration required) https://support.prol2tp.com/
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.