Skip to main content

Tutorial: Adding Users to Access Server


This tutorial covers authentication, creating users, and downloading OpenVPN Connect.


This document provides an overview of setting up authentication, creating users, and downloading OpenVPN Connect, which are all essential to launching your VPN.

  • An installed Access Server.

Configure your server's authentication before adding any user accounts. The default authentication method is local, where the authentication resides on your server. If you choose this authentication method, you can skip forward to adding new users.

For other authentication methods, refer to the appropriate tutorial:


This is an important step for local authentication. If you use LDAP, RADIUS, or SAML, your users should exist with your identity provider. You can add them in the Admin Web UI to create access control rules, a recommended security step.

  1. Sign in to the Admin Web UI.

  2. Click User Management > User Permissions.

  3. Enter the username in the New Username field on the last table row.

  4. Configure the settings for the new user with the checkboxes:

    • Click Admin to promote the user to an admin.

    • Click Allow Auto-login to allow downloading an auto-login profile.

    • Click Deny Access to prevent the user from gaining access to the server.

    • Click Delete to remove the user profile from Access Server.

  5. Click More Settings.

    • Additional user settings display.

  6. Select the user's authentication method.


    You can leave the authentication as the default method or choose a different authentication method by selecting the radio button. If the option is disabled, you must first configure the authentication method before it’s available for users.

  7. Enable MFA if desired.

  8. Enter a password in the Password field.

  9. Select between dynamic or static IP address assignments.


    If you assign a static IP address, ensure it's within the network defined in Configuration > VPN Settings.

  10. Select between NAT or routing.

  11. Limit your user to specific networks by entering the subnets under Allow Access To these Networks.

  12. Select whether to create the user as a gateway client.

  13. Permit traffic from the server to the client with the DMZ settings. Ensure you specify the IP address, port, and service. The image below shows how an Access Server node with the IP address can send traffic to the user client using the TCP protocol on port 80:


Once you've set up your users, they can sign in to your Access Server Client Web UI and download either a preconfigured OpenVPN Connect client or a profile file. If you’ve already set up a hostname, your users can navigate to that hostname in a browser, such as If you aren’t using a hostname, your users must go to the IP address of your server. Users sign in with their credentials on the Client Web UI and choose which app they want to download for their OS.

Your users can also download OpenVPN Connect directly from our website. After downloading, they install and launch the app, click to add a new connection, enter the Client Web UI URL with their credentials, and import their profile.

Access Server provides you with two free connections. You can test out your network setup prior to making any commitments or purchases. When you’re ready to add more devices, you can purchase a subscription.

You can find details about pricing here: Access Server Pricing.