Skip to main content

The Client Web UI

The following sections detail the screens included with the Client Web UI.

user_login.png

Users can sign in when they first navigate to the Client Web UI. The interface displays a window with fields for entering a username and password. Optionally, if you've configured SAML as an authentication method, it provides a button for SAML authentication.

On this screen, the default display shows the OpenVPN Access Server brand, but you can customize the screen to display your business logo and information. Refer to our branding configuration page for details.

The following screens display for users configured to authenticate with MFA and usernames and passwords.

The enrollment screen displays when a user needs to set up MFA TOTP. They scan the QR code or enter the secret into an app that supports TOTP to generate their time-based one-time password.

mfa_enrollment.png

The TOTP code screen displays when a user is already enrolled in MFA. They enter their time-based code to complete authentication and sign in.

TOTP_screen.png
SAML_login.png

Users configured with the SAML SSOclick Sign In via SAML, which directs them to their SAML provider to sign in with their credentials.

If a user is already signed in with their SAML provider, it skips the authentication step with the IdP and signs them into the Client Web UI.

client_app.png

After successfully authenticating, users arrive at the screen that displays OpenVPN Connect apps, available connection profiles, and other user options.

Tip

If you don't see options or apps for your desired platform, they may be disabled in the Admin Web UI.

The window displays the recommended OpenVPN Connect app based on the user's device. It also shows OpenVPN Connect for all supported platforms:

  • Windows

  • macOS

  • Linux

  • Android

  • iOS

Below the OpenVPN Connect apps, the window displays available connection profiles. Users can download a profile to load into an already installed VPN client. Depending on user configuration, one or more of the following connection profiles are available for download:

  • A user-locked profile.

  • A server-locked profile.

  • An auto-login profile.

profiles_management.png

When a user clicks Profiles Management, the screen displays a section to create a new profile, and a section to delete existing profiles.

When a user creates a new profile, it automatically downloads the connection profile to their device.

Users can delete profiles from this screen when they have existing ones.

change_password.png

When a user clicks Change Password, a screen displays where they can verify their current password and set a new password.

Tip

The administrator can manage two options for passwords in the Client Web UI: whether users can change passwords in the UI, and whether they must meet strict password validation rules for setting a new password.

admin_panel.png

When a user has admin rights granted and signs in to the Client Web UI, a button Go to Admin Panel displays for them. It takes them to the Admin Web UI login if they click it.

When a user clicks Log Out, they log out of the Client Web UI, and the screen returns to the User Login.