A FULL-FEATURED SOLUTION TAILORED TO MEET YOUR VIRTUAL PRIVATE NETWORK (VPN) NEEDS
OpenVPN is the author of the open source Virtual Private Network (OpenVPN) software, which has emerged to establish itself as the de-facto standard in the open source networking space. OpenVPN is also the provider of multi-platform OpenVPN applications across all OS platforms, addressing the market demands for Remote Secure Access, Access Control, and Cybersecurity — protecting businesses of all sizes, all around the globe.
OpenVPN Access Server
OpenVPN Access Server is a set of installation and configuration tools designed specifically for businesses. Access Server secures data communications, provides internet privacy and remote access for employees, secures IoT, and provides secure access to on-premise, data center, or public cloud resources — essentially creating a virtual private network. These tools come in a single package to simplify the implementation of a VPN remote access solution.
Access Server Key Features:
Economical licensing model based on the number of concurrent connected devices
Rock solid, hardened, and scalable VPN server that is easy to set up and manage
Ability to set up fine-grained access controls at user and group levels
Cloud Application Marketplace availability for AWS, GCP, and Azure
Support for both site-to-site and remote access virtual networking
Easy distribution of VPN clients and connection profiles
Access Server is free to install and use for a maximum of 2 simultaneous VPN connections, so you can try it without having to pay first. If you need more connections, the cost is a $15.00 license fee per connected device per year — all updates and 24/7 support included.
Administrator portal provides for intuitive configuration of settings
User connection access logs can be viewed and searched
For those administrators that prefer Command Line Interface (CLI) access, a rich command set is available
FINE-GRAINED ACCESS CONTROL
Global, Group, and User hierarchy allows for methodical access configuration
Rules can be defined at the IP address, protocol, and port granularity
ONE-CLICK CLIENT DISTRIBUTION
Just sharing the web address of Access Server’s Client Portal with your users solves the Client distribution challenge inherent in wide-scale deployments
After authentication, users download their Client installation files or connection profiles directly from the Access Server’s Client Portal
MULTIPLE SECURE AUTHENTICATION MODES
Integrated with two-factor authentication using Google Authenticator
Plug-ins can be used to integrate multi-factor authentication with Duo Security, smart cards and any TOTP based token generators
Users can be authenticated using PAM, RADIUS, LDAP, Active Directory, or a local user database
NO-HASSLE CERTIFICATE MANAGEMENT
OpenVPN Access Server comes built-in with its own internal X.509 PKI, but can also support an external PKI
VPN clients get their certificates bundled with their configuration profiles
TRANSPARENT OPEN SOURCE CODE
Leverages OpenVPN, and OpenSSL open source projects
Code is scrutinized and quick fixes are ensured due to large community support
OPENVPN ACCESS SERVER CAPABILITIES
Provides Layer 3 virtual private networking using OpenVPN protocol. OpenVPN protocol uses SSL/TLS with client and server certificates to perform key exchange and mutual authentication. OpenVPN is firewall and web proxy friendly as encrypted traffic is tunneled via UDP or TCP.
OpenSSL provides the core for secure communications and cryptography. The crypto suite can be customized to suit your needs, the defaults are AES-256-CBC cipher for encryption, HMAC-SHA256 for authentication, Diffie-Hellman Group 1 4, and 2048-bit RSA key length.
Linux OS Support
Red Hat Enterprise Linux, CentOS, Ubuntu, and Debian.
Supports MySQL (defaults to SQLite database)
Cloud Image Availability
Amazon Web Services (available from AWS Marketplace). Both BYOL and Tiered
Microsoft Azure (available from Azure Marketplace)
Google Cloud (available from Google Cloud Platform Marketplace)
Prepared VM images are available for Microsoft Hyper-V and VMWare ESXI
Client OS Support
OpenVPN Connect clients are available for Android, iOS, macOS, and Windows. OpenVPN open source client is included in all major Linux distributions.
IP address, DNS servers, WINS server, specific routes, client-side scripts1.
Supports local user database, Pluggable Authentication Modules(PAM), LDAP, secure LDAP, Active Directory, and RADIUS
X.509 certificate PKI solution is built-in. Integration with external PKI is available
‘MAC address lock’ as an additional security method is supported
Multi-factor authentication is supported in various forms. For example, Google Authenticator is built-in, and two-factor authentication using smart cards, Duo Security, or other TOTP based token generator can be added as a plug-in
User name/password authentication
Software firewall can be configured with access control rules to specify which user or group has access to what IP addresses or subnets, and if VPN clients can route to each other or not
Access to services can be controlled by IP address, protocol, and ports
Full-tunnel and split-tunnel redirection are possible (all VPN client Internet traffic goes through the VPN tunnel, or only specified traffic).
Command Line Interface (CLI), XML-RPC API, and Administration web portal
Multiple Access Servers can be configured to form a Cluster allowing a VPN client to connect to any of the available Access Servers using the same credentials
UCARP-based primary-secondary failover for LAN deployments
Direct Connection (Server set in SNAT mode) – All communication needs to be initiated from the VPN clients in this mode
Routed Connection (Server in static route as gateway to VPN clients) – VPN clients as well as devices on the internal network can initiate connections
Site-to-Site routing using a suitable Linux-based system configured as Gateway at one site while using a routed connection to Server at the other site
Ease of Client Deployment
Users can download pre-configured client software, or connection profiles for their device directly from your deployed Access Server’s User Web Portal.
A typical server can handle up to 1 ,500 concurrent connections carrying real-world traffic2.
Detailed client access logs are searchable, downloadable, and viewable.
Customizable Server Portal branding
Two (2) simultaneous connections are supported in trial mode free of charge
An annual licensing fee is charged based on the quantity of concurrent connected devices. Upfront multi-year purchases are offered a discount
AWS tiered pricing is supported
1 . The ability of the Client to execute code is dependent on the device's OS and required code execution privileges. Mobile Operating Systems are not supported.
2. This is an estimate. User capacity will also depend on the bandwidth consumed per user and the system's total available bandwidth. A typical server is considered to be one with at least an 8-core CPU and 8 GB of RAM.
See What Users Think About OpenVPN Access Server
“If you need a simple, secure, easy to set up VPN, you should totally use OpenVPN.”
- Marcelo D.
“If you are looking for a VPN solution that transforms the way you run business, is easy to manage, is easy to deploy and cost effective, then OpenVPN is the solution for you.”
- Joel B.
“OpenVPN is the easiest VPN solution to deploy while maintaining the highest level of security for your users and clients.”
- Patrick C.
“If you need a VPN solution that works, is cost effective, and provides your organization with a level of security that is unmatched — this is the software for you.”
- Jym M.
“OpenVPN has high security and is versatile for your VPN connections.”