Amazon Virtual Private Cloud Connectivity Options
AWS Whitepaper

Software Remote-Access VPN

You can choose from an ecosystem of multiple partners and open source communities that have produced remote-access solutions that run on Amazon EC2. These include products from well-known security companies like Check Point, Sophos, OpenVPN Technologies, and Microsoft. The following figure shows a simple remote-access solution leveraging an internal remote user database.

Figure: Remote-access solution

Remote-access solutions range in complexity, support multiple client authentication options (including multifactor authentication) and can be integrated with either Amazon VPC or remotely hosted identity and access management solutions (leveraging one of the network-to-Amazon VPC options) like Microsoft Active Directory or other LDAP/multifactor authentication solutions. The following figure shows this combination, allowing the remote-access server to leverage internal access management solutions if desired.

Figure: Combination remote-access solution

As with the software VPN options, the customer is responsible for managing the remote access software including user management, configuration, patches and upgrades.

Additionally, consider that this design introduces a potential single point of failure into the network design as the remote access server runs on a single Amazon EC2 instance. For additional information, see Appendix: High-Level HA Architecture for Software VPN Instances.

Additional Resources

On this page: