IPsec VPN for IoT

IoT devices become part of your corporate network

The IPsec VPN for IoT extends your private network to the SIM cards. All SIM cards are assigned with a static IPv4 address that becomes part of your private network. A secure and highly scalable VPN for projects of all sizes.

IPsec VPN for IoT
 
 
 
 
 
 
IPSec Static IP

Always the same IP

With the IPSec VPN, the static IPv4 IP addresses of your SIM cards become part of your company’s private network. Our redundant VPN gives you access to all cellular networks with the same configuration and a single static IP address.

 
IPsec VPN for IoT

Resilient and scalable

The IPSec VPN is redundant by design and includes two tunnels to two remote sites. Ensuring uptime and access at all times. Our team helps you to tailor this service to your network architecture. The VPN scales automatically to your bandwith needs to ensure reliable connectivity.

 
 
IPsec VPN for IoT Specifications

Specifications

Parameter Possible values
Phase 1 & 2 Encryption AES128 / AES256
Phase 1 & 2 Integrity SHA1 / SHA2-256
Phase 1 DH Group # 2, 14, 15 ,16, 17, 18, 22, 23 or 24
Phase 2 DH Group # 2, 5, 14, 15 ,16, 17, 18, 22, 23 or 24
IkeVersion IKEv1 / IKEv2
 
IPsec VPN for IoT Pricing

Pricing

There are no setup fees for the IPSec VPN and has a minimum contract term of only 3 months.

$149 / €139

Per Month for unlimited number of SIM cards

 
 
 

IPSec VPN in detail

Secure connectivity
Olivia's IPSec VPN creates IPSec tunnels to your data centers or branch offices. Traffic in the tunnel between these endpoints can be encrypted with AES128 or AES256 and use Diffie-Hellman groups for key exchange, providing Perfect Forward Secrecy. The IPSec VPN will authenticate with SHA1 or SHA2 hashing functions.

Highly available
IPSec VPN delivers high availability by using two tunnels across multiple geo redundant zones. Traffic stream primary through the first tunnel and the second tunnel is used for redundancy — if one tunnel goes down, traffic will be routed through the other tunnel. IP management for this setup is handled by Olivia, so a single static IP address is available for each SIM card.

Connect to your SIM cards

The static IP address of your private subnet will be assigned and made available in our SIM platform. Now you can access your device via the static private IP address from within your own corporate network.

 
IPSec for IoT VPN
 
 
 

Frequently Asked Questions about the IPsec VPN

 
 
 

Setup

What IKE version do you support?

We support both IKEv1 and IKEv2. We prefer the modern IKEv2 as it uses less bandwidth, and it supports NAT.

What ranges should I avoid when choosing my subnet?

During integration, our team will advise on the best setup regarding subnets. We prefer to not disclose any IP information publicly.

Can I test the IPSec VPN?

In the early stages of your projects, it’s best to use our OpenVPN service. It’s set up in minutes and allows you to work on your project while protect with a VPN.

How long does it take to setup an IPSec VPN?

We move fast. In collaboration with your team, we can set this up in one day. The setup is probably finished before the SIM cards arrive by mail.

What size subnet can I make available for the IPsec VPN?

Our default recommendation is a subnet mask of 24 bits. We can assign up to 3 subnets, so there are no limits to a growing your project exponentially.

 

Connection

How do you assure uptime for my VPN?

Our core is available in three different availability zones in AWS. It is cross-operator compatible and connected via four geo-redundant VPN connections. This ensures a near 100% uptime of our services.

From our Mobile Cloud Core, we connect to your private network via two IPsec tunnels to two endpoints. These can either be two availability zones hosted by your cloud provider or two remote locations. It is also possible to connect to just one location.

How many SIM cards can one IPSec VPN support?

The IPSec VPN can be used by an unlimited number of SIM cards. It scales automatically when more bandwidth is required.

Can my SIM cards access the internet?

Yes, your SIM cards will still be able to access public IP addresses. The traffic is routed to the internet via our NAT gateway and is protected against inbound traffic. Upon request, we can disable all incoming traffic from the internet.

I need a dedicated network connection. Is that possible?

We can extend the IPSec VPN with a dedicated network connection to our core and avoid an internet-based connection. Talk to our team about your project and requirements.

 

Security

How secure is the IPSec VPN?

IPSec VPN is used by most Fortune 500 companies to connect their on-premises data centers to the cloud. It supports a high level of encryption, and with our thorough procedures we ensure top tier security.

What authentication method do you support?

Our preferred method is a pre-shared key (PSK) that we distribute in a secure way (i.e. not via email). Each tunnel will have its own PSK.

What Phase 1 & Phase 2 Encryption algorithms do you support?

We recommend to use AES256, as it is considered to be the industry standard. We also support AES128.

What Phase 1 & Phase 2 Integrity Algorithms do you support?

We support SHA1 and SHA2-256.

What Diffie-Hellman key group numbers do you support?

Phase 1: 2, 14, 15, 16, 17, 18, 22, 23 and 24
Phase 2: 2, 5, 14, 15, 16, 17, 18, 22, 23 and 24

 

Account & billing


What SLA do you provide on the IPSec VPN?

Our service on default is fully redundant and scalable. The IPSec VPN in combination with our connectivity services comes with a Service Level Agreement. Talk to our team to request an example or discuss your custom needs.

What is the minimum contract term of the IPSec VPN?

The IPSec VPN has a minimum contract term of 3 months and can be cancelled monthly after.

How is the IPSec VPN billed?

The IPSec VPN is available with a flat rate of $149 / €139 per month (includes 2 tunnels). There are no additional charges for the VPN tunnels. Charges for SIM cards, subscription- and data fees still apply.

 

Still have questions about using IPsec?