Configuration: CWS Settings
About the Page
Configuration: CWS Settings gives you the ability to configure how users access the web server. You can configure certain options such as restricting access to admins, permitting only specific OpenVPN user interfaces the ability to access the web server, or globally change how users change their own passwords.
CWS Settings page:
Configure CWS Access
This section gives you the ability to provide users with access to the Client Web Server (CWS) where they can download clients or profiles for their VPN Connections. By default, Restrict Client Web Server access to Access Server administrators is set to No. This allows users to login at the Client UI and access the CWS. Change this to Yes and only users defined as administrators will have access.
NOTE: This will not prevent access using XML-RPC/REST API. The next section covers that.
Configure CWS Access:
Configure XML-RPC/REST API
The configurations within this section allow you to prevent users from access using the API with the following options:
- Disable API: Prevent users or clients from accessing the Web Server using the API.
- Enable limited API: Allow clients to access the server with a limited API, which will work for most cases requiring programmatic interaction between the CWS and other software.
- Enable complete API: This setting is only necessary if you wish to fully control the Access Server via a custom API client.
Configure XML-RPC/REST API:
Customize Client Web Server UI
With these configuration options, you can control the options users see on the CWS. Any of the available downloads/profiles can be restricted. For instance, if you did not wish to let users download their own profiles, you would turn off user-locked profile.
The last two options provide some password management configuration options. You can choose whether users can change their own passwords on the CWS. You can choose whether to enforce strong passwords when they attempt to make that change. NOTE: Users can only change password when Local Authentication is in use.
Customize Client Web Server UI:
Configuration: CWS Settings gives you the ability to configure access to the Client Web Server. It also gives you configuration settings for what displays on the page once a user successfully logs in.