A Virtual Private Network (VPN) is a secure tunnel established between Internet-connected devices. The Programmable Wireless VPN creates this secure pathway using Internet Protocol Security protocol (IPSec) and encrypts all communication between your Programmable Wireless SIM-connected devices and servers.
The Programmable Wireless VPN creates a unique Internet Protocol (IP) address. This allows for constant Mobile Terminated (MT) and Mobile Originated (MO) communications between your server and your devices.
Programmable Wireless VPN set up requires manual input from Twilio, so it can't yet be enabled in the Console. Please contact us if you would like to make use of Programmable Wireless VPN.
VPN Gateway: Firewall (optional)
A network device, such as a router or a firewall, which supports the IPSec protocol suite. The device needs to be assigned an IPv4 address routable on the Internet.:
The system that monitors and controls your incoming and outgoing network traffic. This is usually the same device as your VPN gateway.Your firewall policies should allow your internal servers to communicate with your SIMs.
VPN Gateway: IPsec interconnection with Twilio
A network device, such as a router or a firewall, which supports the IPSec protocol suite. The device needs to be assigned an IPv4 address routable on the Internet.:
There are two supported ways to set up IPsec interconnections with Twilio:
The following information is necessary and required by Twilio, as the VPN provider, to provide a secure tunnel between Programmable Wireless and your VPN-enabled device:
| What | Why | How |
|---|---|---|
| VPN Gateway | To establish an IPSec tunnel between your network and Twilio's. | Router or firewall supporting IPSec VPN could be procured from network equipment manufacturers such as Cisco, Juniper, etc., or by using a cloud service such as AWS or Azure. |
| IPSec phase I and II specifications | To configure your VPN gateway. | You will receive Twilio's IPSec VPN specification. IKE PSK will be sent separately via secure email. |
| IPSec Interconnection method | To configure your VPN gateway. | Ask your network administrator which one of two IPsec configuration methods that work best for you. |
| The number of devices you expect to bring online over a one-year period | To allocate an adequate number of IP addresses and to provide a continuous range of IP addresses. | This will be the number of IP addresses we will carve out for you. You can add to your range in the future. |
| Account SID(s) | So that we know which Twilio account is authorized to use your private connection and financially responsible for it. | See the Console dashboard. |
| Rate Plan SID(s) | VPN-enabled Rate Plans require manual setup by Twilio. | Create a new Rate Plan (or provide an existing one) that will be associated with VPN-enabled SIMs. |
| Sim(s) | Provide lists of Sim SIDs to map to IP addresses. | SIMs must be registered to an account to assign an IP address. |
To use a VPN, you must use a physical Programmable Wireless SIM (2FF/3FF/4FF or embedded). You can order your SIMs using the Console.
The following are required to configure the Programmable Wireless SIM to access your virtual private network:
There is no physical distinction between a regular Programmable Wireless SIM and one with VPN enabled. What differentiates these two SIMs is that the latter is associated with a Rate Plan that is configured for VPN access. To set up such a Rate Plan:
Devices with a Programmable Wireless SIM using the VPN must set their APN to:
wireless-vpn.twilio.com
The following third-party guides will help you configure your servers for VPN.