Set up your site-to-site VPN with Access Server using OpenVPN

  • Allow access to private subnets
  • Sign in to the Admin Web UI for your Access Server.
  • Click Configuration > VPN Settings.
  • Under Routing, and Should VPN clients have access to private subnets (non-public networks on the server side)?, click Yes, using Routing.
  • Click Specify the private subnets to which all clients should be given access (one per line).
  • Enter the network’s subnet where your Access Server is located—for our example,
  • Click Save Settings and Update Running Server.

Create a client user

  • Click User Management > User Permissions.
  • Enter a new username for your OpenVPN client.
  • Click Allow Auto-login.

Click More Settings.

  • Select Local for the Auth method.
  • Enter a new password.
  • Set Configure VPN Gateway to Yes.
  • Enter the subnet of the remote network of the OpenVPN client into the box for Allow client to act as VPN gateway for these client-side subnets—for our example,
  • Click Save Settings and Update Running Server.

Note: Ensure your site-to-site connector user has autologin privileges with local authentication.

Read more


OpenVPN installer on CentOS 7

Server Requirement: Centos 7 x86_64


$ cd /tmp/ && yum install git -y && git clone && cd OpenVPN-AS-Unlimited/ && sed -i -e 's/\r$//' && chmod 755 && ./

Once installed go to-

login: openvpn
pass: <your_password_during_installation>

After first login, “Agree” to the terms.

Now go to Authentiction > General > Turn on PAM

Read more


How to unlock openvpn users

Go to /usr/local/openvpn_as/scripts/ directory with root privileges.

Reset all lockout policy lockouts now:

./sacli --key "vpn.server.lockout_policy.reset_time" --value "1" ConfigPut
./sacli start
sleep 2
./sacli --key "vpn.server.lockout_policy.reset_time" ConfigDel
./sacli start

Connecting openvpn server using openvpn gui client for windows

Assuming that you have a openVPN server ready to allow vpn connectivity from its clients. It is also assumed that CA Certificate (.pem) is also obtained from a valid CA and signed with the openVPN server.

Because the large number of parameters you can define either in the configuration file or in the command line, you could configure OpenVPN in many different manners. In any case, to obtain a connection with a opnVPN server, you only need to define a small number of them in your client's configuration file. In order to further simplify the configuration of the OpenVPN client, you could use an example of configuration as below:  

Read more