OpenVPN Access Server System Administrator Guide

Allow Auto-login: The user can choose a client configuration that enables connecting to the VPN
without authenticating with a password (useful for unattended VPN clients residing on network
server hosts. When an autologin profile is used this will allow
Deny Access: The user is not permitted to use the VPN.
Additionally, you can use the Show link to show the drop-down list of other settings that can be
configured for the user, including:
VPN Static IP Address: The IP address to be given to the user when the VPN connection is made.
This address must be within the Static IP Address Network configured on the VPN Settings page.
VPN Gateway: You can configure a user to act as a gateway for the VPN server. The Gateway
option allows users from the VPN to access local machines and services on the LAN that the VPN
Gateway sits on.
DMZ Settings: This option allows you to make a users full machine or single service available
over the VPN‟s Public IP
You can add new usernames to the User Permissions table with the New Username: textbox.
Modify the user permissions by checking or unchecking the permissions box for the desired user in
the table, or delete the user's reference with the Delete checkbox. Note that when a user‟s reference
is deleted from the User Permissions page, the user‟s account may still be active in the
authentication system (PAM, RADIUS or LDAP). In particular, the user (whose reference was
removed from the User Permissions page) may still be able to successfully authenticate to the
authentication system and thus also be able to connect to the Access Server‟s VPN.
By default, the Access Server allows VPN access to any successfully authenticated user. However,
the Deny access to all users not listed above setting allows you to prevent VPN access to any user
that is not listed in the User Permissions table.
OpenVPN Access Server System Administrator Guide
33