Configuration template to set up an AWS Client VPN including the Client VPN Endpoint, VPN Authorization Rules and VPN Routes. The template includes the option to configure authentication, VPC and network settings, and more. 

This template includes the following options:

  • VPN Port and Transport Protocol
  • Client CIDR Block: The IPv4 address range, in CIDR notation, from which to assign client IP addresses
  • VPC Id, Subnet Ids, and Security Groups to specify the location of the VPN endpoints and associated security group rules
  • Server Certificate Arn: The ACM certificate ARN that will be used for the server 
  • Authentication Types (You can select one authentication method or a combination of mutual authentication with a user-based method):
    • Mutual (Certificate) Authentication
    • Directory Service Authentication
    • Federated Authentication
  • DNS Servers if you want to configure DNS servers for the clients to use (otherwise the local DNS servers on the client machines are used)
  • Split Tunneling to control which client traffic is forwarded to the VPN tunnel
  • Self-Service Portal to enable a portal that allows users to download the latest version of the AWS provided client and the latest version of the Client VPN endpoint configuration file

The template defines the following resources:

  • myClientVpnEndpoint (AWS::EC2::ClientVpnEndpoint)
    • AuthenticationOptions *
      • ActiveDirectory
      • FederatedAuthentication
      • MutualAuthentication
    • ConnectionLogOptions *
    • DnsServers
    • TagSpecifications
      • Tags *
  • myAuthRule (AWS::EC2::ClientVpnAuthorizationRule)
  • myNetworkAssociation (AWS::EC2::ClientVpnTargetNetworkAssociation)
  • myRoute (AWS::EC2::ClientVpnRoute)
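
A minimal CloudFormation template that wires the four resources together, as an added example that is not the template this page generates. It assumes mutual (certificate) authentication only; the parameter names, the client CIDR range and the tag value are constructed placeholders.

```yaml
# Added example: parameter names, CIDR range and tag value are constructed placeholders.
AWSTemplateFormatVersion: "2010-09-09"
Parameters:
  VpcId: {Type: "AWS::EC2::VPC::Id"}
  SubnetId: {Type: "AWS::EC2::Subnet::Id"}
  SecurityGroupId: {Type: "AWS::EC2::SecurityGroup::Id"}
  ServerCertificateArn: {Type: String}      # ACM certificate presented by the endpoint
  ClientRootCertificateArn: {Type: String}  # ACM certificate of the CA that issues client certs
  ConnectionLogGroup: {Type: String}        # existing CloudWatch Logs group name
  TargetCidr: {Type: String}                # the one network clients may reach via the subnet
Resources:
  myClientVpnEndpoint:
    Type: AWS::EC2::ClientVpnEndpoint
    Properties:
      ServerCertificateArn: !Ref ServerCertificateArn
      ClientCidrBlock: 10.100.0.0/22        # constructed; must not overlap the VPC CIDR
      VpcId: !Ref VpcId
      SecurityGroupIds: [!Ref SecurityGroupId]
      VpnPort: 443
      TransportProtocol: udp
      SplitTunnel: true                     # only routed destinations enter the tunnel
      AuthenticationOptions:
        - Type: certificate-authentication
          MutualAuthentication:
            ClientRootCertificateChainArn: !Ref ClientRootCertificateArn
      ConnectionLogOptions:
        Enabled: true                       # keep a record of every connection attempt
        CloudwatchLogGroup: !Ref ConnectionLogGroup
      TagSpecifications:
        - ResourceType: client-vpn-endpoint
          Tags: [{Key: Name, Value: example-client-vpn}]
  myNetworkAssociation:
    Type: AWS::EC2::ClientVpnTargetNetworkAssociation
    Properties:
      ClientVpnEndpointId: !Ref myClientVpnEndpoint
      SubnetId: !Ref SubnetId
  myAuthRule:
    Type: AWS::EC2::ClientVpnAuthorizationRule
    Properties:
      ClientVpnEndpointId: !Ref myClientVpnEndpoint
      TargetNetworkCidr: !Ref TargetCidr    # scope to the routed network, not 0.0.0.0/0
      AuthorizeAllGroups: true              # certificate auth has no group IDs to restrict by
  myRoute:
    Type: AWS::EC2::ClientVpnRoute
    DependsOn: myNetworkAssociation         # a route needs an associated subnet first
    Properties:
      ClientVpnEndpointId: !Ref myClientVpnEndpoint
      DestinationCidrBlock: !Ref TargetCidr
      TargetVpcSubnetId: !Ref SubnetId
```

With Directory Service or federated authentication, the authorization rule can be narrowed further by replacing `AuthorizeAllGroups` with an `AccessGroupId`.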

