Skip to main content
Altostrat’s Managed VPN is a turnkey cloud service that simplifies the creation of secure, private networks. It eliminates the complexity of manually configuring and maintaining traditional IPsec or WireGuard tunnels, allowing you to build a robust connectivity fabric for your sites and remote users in minutes. The service orchestrates a secure hub-and-spoke topology, where a central, cloud-hosted gateway (Instance) provides private connectivity for your distributed MikroTik routers and remote workers (Peers).

Core Concepts

Our Managed VPN is built on two fundamental components: Instances and Peers.

What is an Instance?

An Instance is your private, cloud-hosted VPN concentrator or server. You deploy an instance in a specific geographical region to ensure low latency for your connected peers. The instance acts as the central hub of your VPN, controlling network settings, routing, and DNS for all connected peers.

What is a Peer?

A Peer is any device that connects to your VPN Instance. There are two types:
  • Site Peers: Your SDX-managed MikroTik routers, connecting via OpenVPN or WireGuard. Connecting a site peer makes its local subnets securely accessible to other peers.
  • Client Peers: Individual remote user devices (laptops, phones), connecting via WireGuard. This allows your team to securely access network resources from anywhere.

Primary Use Cases

The Managed VPN service is designed to solve two primary connectivity challenges:

Site-to-Site Connectivity

Securely connect your branch offices, data centers, and other physical locations. Once two sites are connected as peers to the same instance, they can communicate with each other’s private subnets through the secure cloud hub, creating a seamless private network over the public internet.

Secure Remote Access for Users

Provide your team with secure, one-click access to internal network resources. Instead of exposing services to the internet, users connect to the VPN instance and can access internal servers, file shares, and applications as if they were in the office.

How It Connects to Your Bill

Altostrat’s Managed VPN is integrated with your workspace’s subscription plan. Each Peer you create (whether a Site Peer or Client Peer) consumes one seat from your available resource pool.
  • Initial Capacity: Each VPN Instance you create includes a base capacity of 10 seats at no additional cost.
  • Scaling Up: If you add more than 10 Peers to an instance, each additional peer will consume one seat from your subscription.
  • Billing Example: Connecting 2 sites and 3 users to an instance will consume 5 seats total.

Billing and Subscriptions Guide

For a complete overview of how resource metering and subscriptions work, please see our main Billing and Subscriptions guide.

Next Steps

Now that you understand the core concepts, you’re ready to build your first secure network.

Configuring a Managed VPN

Learn the practical steps to create your first VPN instance, add site and client peers, and manage your secure network.