Tutorial: How to Secure Access to OpenClaw (AI Agent) with Access Server on Linux
Secure OpenClaw with OpenVPN Access Server. Deploy the AI gateway, configure VPN routing rules, and restrict access so OpenClaw is reachable only through the VPN.
Overview
This tutorial explains how to secure access to OpenClaw, an AI agent gateway, using Access Server on any Linux server. By routing traffic through Access Server, you can ensure that users can access the OpenClaw service only while connected to the VPN.
In this example scenario:
OpenClaw is an AI agent gateway that connects chat applications (such as WhatsApp, Telegram, Discord, and iMessage) to AI agents like GPT-4o or Claude.
This tutorial shows how to:
Deploy OpenClaw.
Configure its web gateway.
Deploy Caddy.
Restrict access using Access Server routing rules.
Verify that access works only through the VPN.
Prerequisites
Access Server (recommended 3.1.0 or newer to use Domain Routing)
A Linux server where OpenClaw will be installed
Tip
OpenClaw can be resource-intensive depending on the AI provider and workload. For best performance, deploy it on a server with at least 2 vCPUs and 4 GB of RAM.
SSH access to your OpenClaw server
A VPN client for connecting to Access Server
Note
In our documentation, we use example IPv4 addresses and subnets reserved for documentation, such as 192.0.2.0/24, 198.51.100.0/24, and 203.0.113.0/24.
Ensure you replace them with valid IPv4 addresses and subnets for your network(s).
Deploy a new Linux server in the same environment as your Access Server. This tutorial uses Ubuntu 24.04 LTS.
Important
Deploy OpenClaw in the same cloud provider or network as your Access Server so both systems share the same private network. If you need to deploy them in separate networks or VPCs, use VPC peering to allow Access Server to route traffic to the OpenClaw server. Refer to your cloud provider's documentation for VPC peering steps.
Create a new Linux server instance in your environment (for example, an EC2 instance, a VM, or a bare-metal server running Ubuntu 24.04 LTS).
Confirm that you can connect to the server via SSH or console before proceeding.
After the instance launches, connect to it using SSH and install OpenClaw.
Open a terminal or SSH client.
Connect to the server using your SSH user. Example command:
ssh -i /path/key-pair-name.pem1 <ssh-user>2@<instance-ipv4-address>3
Replace
/path/key-pair-name.pemwith your private SSH key.Replace
<ssh-user>with your SSH user.Replace
<instance-ipv4-address>with your instance's public IP address.Tip
You can refer to Connect to Access Server via SSH using PuTTY for steps to connect with the PuTTY SSH client from a Windows computer. If you have a different configuration, please follow DigitalOcean’s instructions on connecting to your instance.
Install OpenClaw:
curl -fsSL https://openclaw.ai/install.sh | bash
The OpenClaw Installer handles Node detection, installation, and onboarding automatically. During onboarding, you can configure your AI provider and model access key, or skip and configure them later. For more, refer to OpenClaw Install.
If you skipped onboarding and want to run it again later:
openclaw onboard --install-daemon
You need the OpenClaw gateway token to access the dashboard. There are several ways to retrieve it.
Option A — From the onboarding output:
Near the end of onboarding, the token appears in the Dashboard ready output:
◇ Dashboard ready ──────────────────────────────────────────────╮ │ │ │ Dashboard link (with token): │ │ http://127.0.0.1:18789/#token=ABCDE12345 │ │ Copy/paste this URL in a browser on this machine to control │ │ OpenClaw. │
Copy the token value (for example,
ABCDE12345) and store it securely. You'll use it later to access the OpenClaw gateway.
Option B — From the dashboard command:
Run:
openclaw dashboard --no-open
Example output:
Dashboard URL: http://127.0.0.1:18789/#token=ABCDE12345
Copy the token value (for example,
ABCDE12345) and store it securely. You'll use it later to access the OpenClaw gateway.
Option C — From the config file:
Run:
grep -oP '"token"\s*:\s*"\K[^"]+' ~/.openclaw/openclaw.json
Example output:
ABCDE12345
Copy the token value (for example,
ABCDE12345) and store it securely. You'll use it later to access the OpenClaw gateway.
Caddy acts as the web server for OpenClaw. Configure it to listen only on the server's private IP address.
Install Caddy. Refer to the Caddy installation documentation for your Linux distribution.
Retrieve the server's private IP address (in this case, we'll get the one for eth1):
PRIVATE_IP=$(ip -4 addr show eth1 | grep -o 'inet [0-9.]*' | cut -d' ' -f2)
Example output:
192.0.2.5
Edit the Caddy configuration to listen only on the private IP:
sudo tee /etc/caddy/Caddyfile > /dev/null <<EOF ${PRIVATE_IP} { reverse_proxy localhost:18789 } EOFRestart Caddy to apply the configuration:
systemctl restart caddy
Verify Caddy is running:
systemctl status cadcy
Verify that OpenClaw is listening on port
18789:netstat -tulpn | grep 18789
Example output:
tcp 0 0 127.0.0.1:18789 0.0.0.0:* LISTEN 3376/openclaw-gatew
If
netstatisn't installed:Ubuntu/Debian:
apt install net-toolsRHEL:
dnf install net-tools
Optional: Configure a domain name
Instead of using a private IP address, you can use a domain name. This lets you configure domain routing in Access Server. Example domain: openclaw.example.com.
Edit the Caddy configuration file to use the domain name:
sudo tee /etc/caddy/Caddyfile > /dev/null <<EOF <DOMAIN_NAME> { tls internal reverse_proxy localhost:18789 } EOFReplace
<DOMAIN_NAME>with the domain associated with your OpenClaw server.Restart Caddy:
systemctl restart caddy
To restrict access to OpenClaw, configure Access Server routing rules so traffic to the OpenClaw host is only available through the VPN.
Important
If your OpenClaw instance is deployed on a specific cloud provider (such as AWS), deploy your Access Server on that cloud provider as well, so both systems share the same private network.
You can also deploy OpenClaw in a different VPC and connect it to Access Server using VPC peering. This allows Access Server to securely route traffic to the OpenClaw server across VPC networks.
Refer to your cloud provider documentation for this.
Sign in to the Access Server Admin Web UI.
Click Access Controls.
The Group and User Access Rules tab is displayed.
Click the Global Access Rules tab.
Under IP Addresses and Subnets, select the routing mode NAT.
This makes the source IP appear as the Access Server private IP.
Enter the OpenClaw server private IP in the IP Addresses and Subnets field. Example:
192.0.2.5
Click Save and Restart.
Optional: Configure domain routing
If you configured a domain earlier:
Stay on the Global Access Rules tab.
Under Domains, select NAT.
Enter the domain. Example:
openclaw.example.com
Click Save and Restart.
Now confirm that OpenClaw can only be accessed through the VPN.
Connect to the Access Server VPN.
Open a web browser.
Navigate to the OpenClaw gateway URL:
https://<openclaw-private-ip>/#token=<openclaw-token>
Replace:
<openclaw-private-ip>with the private IP.<openclaw-token>with your gateway token.
Example:
https://192.0.2.5/#token=ABCDE12345
If using a domain:
https://openclaw.example.com/#token=ABCDE12345
The OpenClaw gateway dashboard should display.
Disconnect from the VPN and try to access the public IP address. The connection should fail, confirming that access is restricted to VPN users.
When you open the OpenClaw dashboard for the first time, two errors may appear. Follow the steps below to resolve them.
"Origin not allowed" error
The Control UI rejects requests from origins not in its allowlist. Add your OpenClaw private IP or domain to the allowlist.
Run the following command, replacing
<openclaw-private-ip>with your private IP:openclaw config set gateway.controlUi.allowedOrigins '["https://<openclaw-private-ip>"]' --strict-json
Example:
openclaw config set gateway.controlUi.allowedOrigins '["https://192.0.2.5"]' --strict-json
If using a domain:
openclaw config set gateway.controlUi.allowedOrigins '["https://openclaw.example.com"]' --strict-json
Restart the OpenClaw gateway service:
openclaw gateway restart
Refresh the OpenClaw dashboard. The "origin not allowed" error should no longer appear.
"Pairing required" error
This error is expected. The gateway requires device approval as an additional security layer on top of token authentication.
List pending device requests:
openclaw devices list
A pending request displays with a Request ID. Example:
ABCD-1234-EFGH-5678
Approve the request, replacing
<request-id>with your Request ID:openclaw devices approve <request-id>
Example:
openclaw devices approve ABCD-1234-EFGH-5678
If successful, an Approved confirmation is displayed.
Refresh the OpenClaw dashboard. You should now be signed in with no errors.
For additional security guidance for OpenClaw, refer to the OpenClaw Security documentation.