
Overview

Product video
This offering is locked to 10 connections. If you need the flexibility to scale, we recommend our PAYG listing instead: https://aws.amazon.com/marketplace/pp/prodview-f5qcwyw2gy256
Access Server for AWS delivers the best-of-breed VPN solution for secure remote access, site-to-site VPN and secure SaaS access for organizations of all sizes. Our award-winning open-source protocol is the industry standard for accessing private information securely, ensuring safe access to internal data and delivering zero-trust network access.
Access Server for AWS is a self-hosted VPN software that provides rapid deployment for secure remote access with a built-in web-based user interface for ease of use. Access Server provides an extra layer of security, with end-to-end encryption and granular access control to limit the risk of exposed data for remote users, site-to-site connectivity, or securing SaaS access and IoT devices. Certificate PKI management provides simplified installation and configuration. Additional features include balancing traffic across a cluster of Access Servers with DNS round robin and tunneling only your private traffic, optimizing your network bandwidth and making your environment more secure.
Access Server for AWS technical support and onboarding is available 24/7. Schedule a demo at https://hs.openvpn.net/request-demo .
OpenVPN client software accommodates Windows, macOS, Linux, Android, iOS, and ChromeOS environments. Includes a built-in local authentication system and support for authentication with Active Directory, PAM, LDAP, RADIUS, SAML, and even a custom Python3 authentication module is possible.
Our subscription model is based on the number of concurrent connected devices. The tiered instance type comes in various sizes and is locked to the specific size. The cost for the software subscription for the chosen tier is charged directly through Amazon. This means these instances get a subscription automatically at launch and are suitable for automated launch and autoscaling scenarios.
Highlights
- This offering is locked to 10 connections. If you need the flexibility to scale, we recommend our PAYG listing instead: https://aws.amazon.com/marketplace/pp/prodview-f5qcwyw2gy256
- A self-hosted scalable secure remote access, site-to-site VPN solution to give your employees the freedom to work securely with end-to-end encryption for accessing SaaS, the internet, and company resources. Essential security controls needed to evolve from a trusted-perimeter security model to an identity-based ZTNA approach.
- OpenVPN client software that accommodates Windows, macOS, Linux, Android, iOS, and ChromeOS environments. Includes a built-in local authentication system and support for authentication with Active Directory, PAM, LDAP, RADIUS, SAML, and even a custom Python3 authentication module is possible.
Details
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Buyer guide

Financing for AWS Marketplace purchases
Pricing
- ...
Dimension | Cost/hour |
|---|---|
t3.small Recommended | $0.123 |
t2.micro | $0.123 |
t3.micro | $0.123 |
m5ad.large | $0.123 |
r5b.metal | $0.123 |
i4i.16xlarge | $0.123 |
t3a.micro | $0.123 |
r5n.8xlarge | $0.123 |
c4.2xlarge | $0.123 |
r5n.large | $0.123 |
Vendor refund policy
Refunds are not provided, but you can cancel at any time.
Custom pricing options
How can we make this page better?
Legal
Vendor terms and conditions
Content disclaimer
Delivery details
64-bit (x86) Amazon Machine Image (AMI)
Amazon Machine Image (AMI)
An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.
Version release notes
Additional details
Usage instructions
For instructions on using the OpenVPN Access Server appliance on the AWS Marketplace, please visit https://openvpn.net/as-docs/aws-tiered.html
Resources
Vendor resources
Support
Vendor support
We offer 24/7 support at https://openvpn.net/support-for-aws/ .
For product activation to succeed your firewall and security group settings must allow connections to our online activation servers. Details on this can be found in our FAQ at
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Standard contract
Customer reviews
Secure remote access has protected critical data and now simplifies role-based user management
What is our primary use case?
One of the main use cases for OpenVPN Access Server is managing secure remote access for our internal teams and technical engineers who need to connect to our private cloud infrastructure and staging environments.
We rely heavily on it to establish stable and secure connections so the team can access the database, internal applications, and server data safely from the server dashboard anywhere in the world.
The web admin UI makes it straightforward to manage user access and it integrates well with our existing authentication setup, which saves us a lot of time on the IT support side.
Our main way of using OpenVPN Access Server is primarily for security, where it saves us from hacking and prevents data from going outside of our secure connection by using this VPN.
What is most valuable?
The best features OpenVPN Access Server offers include security, which protects our data so that no one can access our connection.
We have one secure connection which we are using with OpenVPN, and providing secure remote access for our technical teams to connect to our infrastructure is definitely the main way that we use it in day-to-day life.
The admin web UI is at the top of the list because it makes managing user access incredibly simple without having to use the command line.
Another best feature is its built-in client portal where users can log in and download their own pre-configured profiles, which saves the IT team a ton of manual setup work.
Lastly, the authentication flexibility, specifically how smoothly it integrates with Active Directory and multi-factor authentication, gives us exactly the kind of enterprise-grade security we need.
The web UI and the authentication integration have massively improved our team's daily productivity.
On the IT management side, we do not have to waste time manually writing configuration files or handling complex command line setups just to onboard someone into the company.
Since it syncs seamlessly with our existing authentication and multi-factor setup, user management is basically automated.
For the rest of the team, they can log in to the portal, get what they need, and connect in seconds.
It has cut down on connection-related support tickets, letting everyone focus on their actual work without any technical issues.
OpenVPN Access Server has positively impacted our organization by giving us a highly reliable, stable environment for remote work.
Since we handle critical infrastructure, having a secure gateway that does not drop connections unexpectedly is a huge win.
It has greatly improved our security posture without adding administrative headaches because our engineers and technical teams can securely connect to private cloud resources and databases from anywhere without a glitch.
It ensures our support and operational workflows run smoothly around the clock, giving us total peace of mind regarding work access security.
What needs improvement?
An area for improvement is the pricing model. The concurrent user licenses get expensive pretty quickly as your organization grows, so more flexible pricing options would be a huge plus.
Another area is configurational disconnect. While the admin web UI handles about 90% of what you need, the moment you have to do deep, advanced routing customization, you still have to drop back to the command line interface to make those changes.
It would be great to see those deeper configurations completely integrated into the web portal.
Lastly, it would be awesome to see native support for newer, lighter protocols through WireGuard built straight into the platform alongside standard OpenVPN for better performance efficiency.
For how long have I used the solution?
I have been working in the current field for 2.8 years.
What do I think about the stability of the solution?
I have never faced any network or internet connection speed issues when I am connected to OpenVPN Access Server compared to other VPN solutions. I feel that it is highly stable and perfectly fine for day-to-day corporate work.
For tasks involving accessing databases, managing server infrastructure, or using our internal applications, I really do not notice any lag.
Compared to older VPN protocols through IPsec, it feels much smoother and establishes connections faster.
I do not feel any connection speed issues when using OpenVPN Access Server. Everything looks simple and smooth, and I have not encountered any issues.
OpenVPN Access Server is 100% stable in my experience.
What do I think about the scalability of the solution?
The scalability of OpenVPN Access Server is very natural and incredibly stable. In my experience, we rarely ever deal with unexpected service drops.
It just sits there and does its job, which gives us a lot of peace of mind when our teams are accessing critical infrastructure.
From a purely technical standpoint, it scales very well. You can easily upgrade the underlying hardware resources or spin up additional nodes in a cluster configuration if you need to handle a massive surge in concurrent users.
The only real constraint to its scalability is not technical; it is financial because of the concurrent user licensing model.
Scaling up to support much larger teams gets expensive quickly. So while the software handles growth seamlessly, the budget is really the main thing that we have to plan around as we scale.
How are customer service and support?
It is very easy to raise a ticket with them. We also have email support and a direct help desk we can contact via their service desk number and email, and we can raise tickets using their website portal. It is very easy.
I would definitely rate customer support 10 out of 10. They really respond to our queries so fast and help us in resolving issues.
How was the initial setup?
Installing and setting it up is very easy, especially compared to the community edition of OpenVPN. For example, when we deployed it in our environment, we did not have to build it from scratch or manually script out the installation.
We just pulled a pre-configured image directly onto our virtual machine, and the initial setup wizard walked us through the core settings including setting up the admin password and configuring the primary network interface right in the terminal.
From there, we immediately transitioned over to the web UI to handle the rest of the configuration including setting up our routing paths and subnets.
It took less than an hour to get the fully functioning server up, which is massive time saved for our engineering team.
What about the implementation team?
We use a local authentication method, which is primarily using SAML authentication integration to tie everything into our primary identity provider. We also utilize local authentication for emergency administrator backup accounts.
In terms of effectiveness, I would rate the SAML integration a solid 9 out of 10. It makes mapping user roles and enforcing multi-factor authentication incredibly smooth, meaning our users get a seamless single sign-on experience.
The only tiny friction point is that setting up the initial attribute mapping for custom security groups can be a little tedious in the interface, but once it is logged in, it runs flawlessly and completely automates our lifecycle management for access easier.
I have utilized the access control features of OpenVPN Access Server, and I would rate it 9.5 out of 10.
Instead of letting everyone onto the entire network once they connect, we can use the access control list to restrict access strictly by group or user roles.
Our engineering groups are given precise routing rules so they can hit specific staging subnets and databases, while other teams are restricted to only the internal applications they need for daily work.
It allows us to implement the zero trust principle very effectively at the network level without making the configuration overly complicated for our administrators.
What was our ROI?
We definitely see a clear return on investment from using OpenVPN Access Server, mostly driven by operational time savings and efficiency.
From a technical administrative perspective, the biggest metric is the reduction in manual onboarding time.
It used to take our engineers around 20 to 30 minutes per user to generate keys and distribute profile configurations manually.
Now, with the SAML and Active Directory integration, the process is down to under two minutes, which frees up our senior staff to focus on critical infrastructure tasks instead of managing access tickets.
Additionally, the client portal is so user-friendly that we have seen a massive reduction in routing IT support tickets related to connection drops or profile issues.
While the user licensing cost can add up, the savings in engineering hours and reduction in overhead for support make it a net positive investment for our organization.
What's my experience with pricing, setup cost, and licensing?
I use it for a client, so I do not have much information regarding the pricing, setup cost, and licensing.
But from what I have gathered, the pricing and setup costs are a little more expensive compared to any other VPN solutions, according to some of my seniors who have been working on this tool for the last five to six years.
The only thing I can advise is that the licensing cost is quite expensive, but it saves a lot of time for our IT engineers so that your senior IT engineers can focus on other ongoing IT issues in the company culture or any other tools they have.
It mainly saves time in configuring user profiles, as everything is automated. It is very easy to configure the rules of our organization, and it blindly follows them in order to create user profiles.
The user-friendly interface allows everyone to understand it easily, and it is easy to install.
What other advice do I have?
We purchase it from AWS Marketplace .
We use the role-defining features, and it has had a huge impact on how we enforce least privilege. Because it integrates so well with our identity provider via SAML, users are automatically placed into their respective groups based on their actual roles the moment they authenticate.
This makes enforcing least privilege practically effortless on our end. Instead of an administrator having to manually assign permissions to individual users every single time, the server reads the group role and immediately locks down or opens up access to a specific subnet based on the profile.
It ensures our security policy is strictly followed without creating any extra manual work or friction for our IT team or support team.
The user interface for OpenVPN Access Server is very user-friendly, very easy to understand, very easy to configure, and very easy to install in our virtual machines.
On the end-user side, the client web portal is completely foolproof. It is incredibly simple, allowing users to log in, see exactly what they need, and download their pre-configured connection profiles without any confusion.
On the administrative side, the admin web UI is highly organized and straightforward. It moves away from complex command-line configuration and lays out user management, routing rules, and authentication settings in a very logical menu system.
My only real critique is that it looks a bit traditional or dated compared to some modern SaaS dashboards, but from a purely functional perspective, it gets the job done cleanly and makes managing an entire team really intuitive.
Regarding AI capabilities, OpenVPN Access Server does not actually have built-in AI features right now. It is primarily a straightforward core networking and security tool.
However, looking at its overall governance and traditional security, it is exceptionally solid. The platform excels at access control, encryption standards, and secure logging, which gives us great oversight and compliance tracking for who is accessing our network infrastructure.
Regarding the accuracy and reliability of its output, OpenVPN Access Server does not actually have any native or built-in AI capabilities right now.
It is strictly a dedicated virtual private network and secure routing platform.
But if we look at the accuracy and reliability of its output from a pure networking standpoint, meaning connection stability, correct routing rules, and steady traffic management, it is incredibly reliable.
When you configure an access rule or subnet mapping, it works exactly as intended without bugs or random drops.
The platform is rock-solid on performance and does exactly what it is configured to do. It does not use artificial intelligence to get that done.
I would rate this product an overall 8 out of 10.