Tutorial: Get Started with Access Server
New to Access Server? This tutorial walks you through choosing a deployment method (Linux, cloud, VM, or container), completing initial setup, connecting your first VPN client, and securing your deployment.
Overview
This tutorial helps you get Access Server running from start to finish. It doesn't repeat installation instructions. Instead, it guides you to the right deployment guide for your environment, walks you through initial configuration after installation, and points you to the next steps that matter most for your setup.
Access Server is a self-hosted business VPN solution. You install it on your own infrastructure — Linux, cloud, virtual machine, or container — and manage it through the Admin Web UI. Access Server includes two free connections, allowing you to test the full product before purchasing.

Step 1: Choose your deployment method
Use the table below to go directly to the right guide for your environment:
I want to deploy on... | Use this guide |
|---|---|
Ubuntu (recommended for most users) | |
Debian | |
Red Hat Enterprise Linux, Rocky Linux, or AlmaLinux | |
AWS (bring your own license) | |
AWS (pay as you go) | |
Azure (bring your own license) | |
Azure (pay as you go) | |
Google Cloud | |
IBM Cloud | |
Oracle Cloud | |
DigitalOcean | |
VMware ESXi | |
Microsoft Hyper-V | |
Docker | |
Raspberry Pi | |
Access Server Link |
Note
Not sure which to choose? For most new deployments, installing on Ubuntu is the fastest path to a working server. See System Requirements for the supported operating systems and hardware requirements.
Complete the installation for your chosen platform, then return here for Step 2.
Step 2: Complete the initial setup
After installation, Access Server displays the Admin Web UI URL and temporary credentials in the terminal:
1. Sign in to the Admin Web UI
Open a browser.
Navigate to
https://YOUR-IP:943/admin.Important
Use
https, nothttp. Your browser will show a security warning because Access Server uses a self-signed SSL certificate by default. Select through the warning to proceed. You'll replace this certificate in Step 5.Enter
openvpnas the username and the temporary password from the terminal output.Review and accept the End User License Agreement to proceed to the Admin Web UI.
2. Change the default password
Change the default openvpn admin password immediately after signing in for the first time:
3. Configure the hostname
For VPN clients to connect from outside the network, Access Server needs to know its public hostname or IP address. We recommend setting up a public domain name:
4. Verify Access Server is running
Confirm the service is running from the console:
systemctl status openvpnas --no-pager
Look for
Active: active (running)in the output.
Confirm the service is running via the
saclitool:sacli status
Confirm the output includes
"api": "on"in theservice_statusblock. That indicates Access Server is fully initialized and ready to accept connections.
Step 3: Connect your first VPN client
With Access Server configured, connect a device to verify everything is working before adding more users or configuring advanced settings.
1. Create a user
Create a user to test connection status:
2. Install OpenVPN Connect
OpenVPN Connect is the official VPN client for Access Server. Install it on the developer or end-user device:
Tip
We recommend you install OpenVPN Connect with a bundled connection profile. That way, you can open the app and already have the profile to connect.
3. (If needed) Download a connection profile
A connection profile (.ovpn file) contains everything the client needs to connect to your server. Users can download their profile directly from the Client Web UI at https://YOUR-IP:943.
For other distribution methods, see Connection Profiles.
4. Connect
Once the profile is imported into OpenVPN Connect, select it and authenticate to establish the VPN connection. See more:
Step 4: Configure your VPN
With a working connection confirmed, configure Access Server for your organization's requirements. Use the section links below to navigate to the relevant tutorials:
What you want to configure | Where to go |
|---|---|
Authentication (local, LDAP, SAML, PAM) | |
DNS settings | |
Routing (split tunnel, full tunnel, domain routing) | |
Users and user management | |
Access Controls | |
VPN certificates and PKI | |
Multi-factor authentication (MFA) |
Step 5: Secure your deployment
Before going to production, complete these recommended security steps:
1. Install an SSL certificate
Replace the self-signed certificate with a trusted SSL certificate so clients and admins don't see browser warnings:
2. Configure MFA
Add multi-factor authentication to protect admin and user accounts:
3. Create dedicated administrator accounts
Avoid using the default openvpn account for day-to-day administration. Create named admin accounts and secure the root user:
4. Back up your configuration
Take a configuration backup before making further changes or before any upgrade:
5. Activate your license
Access Server includes two free connections. To support more connections, activate a subscription license: