OpenVPN Access Server System Administrator Guide

More documents

Recommendations

Info

4.3 Authentication Pages 4.3.1 General Figure 32: General User Authentication page Access Server does not store and manage user credentials. Instead, it interfaces with one of the following systems for user authentication: Local: This is a user authentication system that is managed by OpenVPN Access Server. You can set the vpn users password on the User Permissions page when Local Authentication is enabled. PAM: Pluggable Authentication Modules - The system used to authenticate users to the Unix host running Access Server. RADIUS: Between one and five RADIUS servers can be contacted for user authentication and (optionally) also user accounting. LDAP: An Active Directory domain controller or other LDAP server is used to validate user credentials. On the General User Authentication page, you can choose between the three methods of authenticating Access Server users. This setting can also be changed on the configuration pages for PAM, RADIUS and LDAP (e.g., on the RADIUS page, you can press Use RADIUS if RADIUS isn't already chosen). Note, however, that only one authentication method type can be chosen for Access Server user authentication. OpenVPN Access Server System Administrator Guide 35
4.3.2 PAM Figure 33: PAM Authentication page PAM stands for Pluggable Authentication Modules and is the standard method for authenticating users on a Unix system. Selecting PAM for authenticating OpenVPN Access Server users means that users must provide the same username and password credentials to the Access Server as they would when authenticating to the Unix host that runs the Access Server. When PAM is not already selected to be used to authenticate users, the Use PAM button selects PAM (instead of RADIUS or LDAP) for authentication. When PAM is selected, there are no configuration settings to adjust in the Admin Web UI. Internally, the Access Server authenticates using a PAM service named openvpn_as, which corresponds to the file /etc/pam.d/openvpn_as (added during initial configuration of Access Server). OpenVPN Access Server System Administrator Guide 36
Page 1 and 2: OpenVPN Access Server System Admini
Page 3 and 4: TABLE OF CONTENTS 1 Introduction ..
Page 5 and 6: 1 Introduction The OpenVPN Access S
Page 7 and 8: 1.3 Deployment Overview (Quick Star
Page 9 and 10: 2.2.1 One Network Interface on Priv
Page 11 and 12: 2.3 User Authentication and Managem
Page 13 and 14: 3 Installation This section describ
Page 15 and 16: You will need to list whether this
Page 17 and 18: Getting hostname... Hostname: vpn-g
Page 19 and 20: Note that the “At a glance” rig
Page 21 and 22: 4.1.2 Log Reports The Log Reports p
Page 23 and 24: 4.2 Configuration Pages 4.2.1 Licen
Page 25 and 26: The Hostname or IP Address is the n
Page 27 and 28: https://192.168.1.20/ and the Admin
Page 29 and 30: VPN Clients (provided that the Acce
Page 31 and 32: 4.2.5 Advanced VPN 4.2.5.1 Inter-Cl
Page 33 and 34: Figure 27: Connection Security Refr
Page 35 and 36: 4.2.6 User Permissions Figure 30: U
Page 37: 4.2.7 Group Permissions Figure 31:
Page 41 and 42: 4.3.4 LDAP Figure 35: LDAP Authenti
Page 43 and 44: 4.4.1.1 Active Profile and Edit Pro
Page 45 and 46: Figure 38: Connectivity Test page N
Page 47 and 48: 5 Connect Client The Connect Client
Page 49 and 50: Tray Icon: The tray icon is a featu
Page 51 and 52: 5.3 Rebranding the Admin UI OpenVPN
Page 53 and 54: # openssl genrsa -out new.key 1024
Page 55 and 56: 7 How to authenticate users with Ac
Page 57 and 58: 8 Failover OpenVPN Access Server ha

OpenVPN Access Server System Administrator Guide

Create successful ePaper yourself

Delete template?

Save as template?