Remote Access Admin Guide
This guide takes you through the process of providing secure, remote access to your private networks and resources through OpenVPN Cloud. Your private resources can be located on cloud platforms (IaaS) or on-premises or both. You can quickly build a remote access solution for your employees who are connecting from various regions around the world.
This illustration shows the high-level view of the secure remote access concept. On the left, each user connects to OpenVPN Cloud with the OpenVPN Connect app on their computer, connecting through a secure tunnel to the Region that is closest to their geographic location. On the right, each Connector on your private network establishes a secure tunnel to the geographically closest Region to make your private network accessible from OpenVPN Cloud.
You can easily get your workforce up and running with secure and reliable remote access. Here’s an overview of the setup workflow using default settings and with split-tunneling on:
- Set up your OpenVPN Cloud account.
- Access OpenVPN Cloud | Admin Portal and sign up to give it a try with up to three free connections.
- Create an OpenVPN ID that uniquely identifies your VPN — for example, myopenvpnID.openvpn.com. Your ID lets you administer your VPN network and download the OpenVPN Connect Client and its configuration profile. The Connect client also uses your unique ID to get your user devices connected to OpenVPN Cloud.
- Configure your IaaS and on-premises networks in the OpenVPN Cloud administration portal.
- Access the Networks section and add a new network — configure the routes to your network using subnets, domains, or both. For further information, refer to Adding a Network | OpenVPN Cloud.
- Deploy a Connector on your private network. You can choose your operating system or compatible router and use the quick launch directly in the portal to deploy the Connector.
- More information is available here: Connector Deployment User Guides | OpenVPN Cloud.
- Connect your users.
- You can manually create users in the Users section of the OpenVPN Cloud administration portal. When you add users to your account and include an email address, those users automatically receive an email with instructions for downloading the OpenVPN Connect client and their connection profile.
- If you don’t include an email address when creating new users, you’ll need to send those users the user portal link, username, and temporary password using some other means.
- If you set up SAML or LDAP authentication with OpenVPN Cloud, you can let your workforce know that they can use their existing SAML or LDAP credentials to download the Connect app for their devices and import a profile using your unique OpenVPN ID URL.
- Note that you can also configure User Groups, which lets you set:
- The Regions that users are allowed to connect to.
- The type of authentication needed to establish a connection.
- The maximum number of devices that can access the VPN simultaneously.
- Split-tunneling on or off (routing public internet traffic).
- Refer to these guides for more information:
- Optional - configure access groups to enforce access controls.
- Learn more about configuring access to private services here: OpenVPN Cloud Services | OpenVPN Cloud.
- For information on setting up access groups for those services, refer to OpenVPN Cloud Access Group | OpenVPN Cloud.
- Note: Your access controls aren’t active until your VPN topology is set to Custom.
Once you have completed steps 1 through 3, your users can connect their devices to OpenVPN Cloud and reach the network resources that you’ve allowed them to access. You can then choose to set up granular access and service controls using the guides in Step 4.