OpenVPN Access Server System Administrator Guide

05.08.2013 Views
4.3 Authentication Pages 4.3.1 General Figure 32: General User Authentication page Access Server does not store and manage user credentials. Instead, it interfaces with one of the following systems for user authentication: Local: This is a user authentication system that is managed by OpenVPN Access Server. You can set the vpn users password on the User Permissions page when Local Authentication is enabled. PAM: Pluggable Authentication Modules - The system used to authenticate users to the Unix host running Access Server. RADIUS: Between one and five RADIUS servers can be contacted for user authentication and (optionally) also user accounting. LDAP: An Active Directory domain controller or other LDAP server is used to validate user credentials. On the General User Authentication page, you can choose between the three methods of authenticating Access Server users. This setting can also be changed on the configuration pages for PAM, RADIUS and LDAP (e.g., on the RADIUS page, you can press Use RADIUS if RADIUS isn't already chosen). Note, however, that only one authentication method type can be chosen for Access Server user authentication. OpenVPN Access Server System Administrator Guide 35

4.3.2 PAM Figure 33: PAM Authentication page PAM stands for Pluggable Authentication Modules and is the standard method for authenticating users on a Unix system. Selecting PAM for authenticating OpenVPN Access Server users means that users must provide the same username and password credentials to the Access Server as they would when authenticating to the Unix host that runs the Access Server. When PAM is not already selected to be used to authenticate users, the Use PAM button selects PAM (instead of RADIUS or LDAP) for authentication. When PAM is selected, there are no configuration settings to adjust in the Admin Web UI. Internally, the Access Server authenticates using a PAM service named openvpn_as, which corresponds to the file /etc/pam.d/openvpn_as (added during initial configuration of Access Server). OpenVPN Access Server System Administrator Guide 36

Page 1 and 2: OpenVPN Access Server System Admini

Page 3 and 4: TABLE OF CONTENTS 1 Introduction ..

Page 5 and 6: 1 Introduction The OpenVPN Access S

Page 7 and 8: 1.3 Deployment Overview (Quick Star

Page 9 and 10: 2.2.1 One Network Interface on Priv

Page 11 and 12: 2.3 User Authentication and Managem

Page 13 and 14: 3 Installation This section describ

Page 15 and 16: You will need to list whether this

Page 17 and 18: Getting hostname... Hostname: vpn-g

Page 19 and 20: Note that the “At a glance” rig

Page 21 and 22: 4.1.2 Log Reports The Log Reports p

Page 23 and 24: 4.2 Configuration Pages 4.2.1 Licen

Page 25 and 26: The Hostname or IP Address is the n

Page 27 and 28: https://192.168.1.20/ and the Admin

Page 29 and 30: VPN Clients (provided that the Acce

Page 31 and 32: 4.2.5 Advanced VPN 4.2.5.1 Inter-Cl

Page 33 and 34: Figure 27: Connection Security Refr

Page 35 and 36: 4.2.6 User Permissions Figure 30: U

Page 37: 4.2.7 Group Permissions Figure 31:

Page 41 and 42: 4.3.4 LDAP Figure 35: LDAP Authenti

Page 43 and 44: 4.4.1.1 Active Profile and Edit Pro

Page 45 and 46: Figure 38: Connectivity Test page N

Page 47 and 48: 5 Connect Client The Connect Client

Page 49 and 50: Tray Icon: The tray icon is a featu

Page 51 and 52: 5.3 Rebranding the Admin UI OpenVPN

Page 53 and 54: # openssl genrsa -out new.key 1024

Page 55 and 56: 7 How to authenticate users with Ac

Page 57 and 58: 8 Failover OpenVPN Access Server ha

server

openvpn

admin

administrator

configuration

settings

authentication

ldap

radius

active

doc.elcat.kg

OpenVPN Access Server System Administrator Guide

OpenVPN Access Server System Administrator Guide ... View more OpenVPN Access Server System Administrator Guide

Delete template?

Save as template ?

OpenVPN Access Server System Administrator Guide OpenVPN Access Server System Administrator Guide