Skip to main content

Tutorial: Adding Users to Access Server

Abstract

This tutorial covers authentication, creating users, and downloading OpenVPN Connect.

Overview

This document provides an overview of setting up authentication, creating users, and downloading OpenVPN Connect, which are all essential to launching your VPN.

Prerequisites

  • An installed Access Server.

  • Admin Web UI access.

Step 1: Set up authentication

Configure your server's authentication before adding any user accounts. The default authentication method is local, where the authentication resides on your server. If you choose this authentication method, you can skip forward to adding new users.

For other authentication methods, refer to the appropriate tutorial:

  • LDAP tutorial

  • RADIUS tutorial

  • SAML tutorial

  • PAM tutorial

Step 2: Add new users in the Admin Web UI

Tip

This is an important step for local authentication. If you use LDAP, RADIUS, or SAML, your users should exist with your identity provider. You can add them in the Admin Web UI to create access control rules, a recommended security step.

  1. Sign in to the Admin Web UI.

  2. Click Users.

  3. Click Add New User.

  4. Enter the Username and click Save. (Optionally, you can click Add another user to add more than one user at a time.)

    • The Single User page is displayed for the new user. (Optionally, if you added multiple users, the Users page displays. Click on individual users to modify settings.)

  5. Set the user's permissions by optionally assigning them to a group, promoting them to an admin, or allowing auto-login profiles.

  6. Select the user's authentication method.

    Tip

    You can leave the authentication as the default method or choose a different authentication method by selecting the radio button. If the option is disabled, you must first configure the authentication method before it’s available for users.

  7. Enable MFA if desired.

  8. Select between dynamic or static IP address assignments.

    Important

    If you assign a static IP address, ensure it's within the network defined in VPN Server > Subnets > Static IP address pool.

  9. Permit traffic from the server to the client with the DMZ settings.

  10. Select whether to create the user as a gateway client.

  11. Define routing or NAT rules under Group and User Access Rules.

  12. Click Save.

Step 3: Download OpenVPN Connect from the Client Web UI

Once you've set up your users, they can sign in to your Access Server Client Web UI and download either a preconfigured OpenVPN Connect app or a connection profile. If you’ve already set up a hostname, your users can navigate to that hostname in a browser, such as vpn.example.com. If you aren’t using a hostname, your users must go to the IP address of your server. Users sign in with their credentials on the Client Web UI and choose which app they want to download for their OS.

Your users can also download OpenVPN Connect directly from our website. After downloading, they install and launch the app, click to add a new connection, enter the Client Web UI URL with their credentials, and import their profile.

Step 4: Purchase a subscription license to add connections

Access Server provides you with two free connections. You can test out your network setup before making any commitments or purchases. You can purchase a subscription when you’re ready to add more devices.

You can find details about pricing here: Access Server Pricing.

In this section: