Restrict Access to Admin Web UI - Except While On VPN

Business solution to host your own OpenVPN server with web management interface and bundled clients.
Post Reply
TeleBrady
OpenVpn Newbie
Posts: 4
Joined: Mon May 16, 2022 11:47 pm

Restrict Access to Admin Web UI - Except While On VPN

Post by TeleBrady » Mon May 16, 2022 11:52 pm

Is it possible to restrict access to the admin web UI to anything off VPN, while allowing it to be accessed to clients connected to VPN?

Running OpenVPN AS 2.8.5 in AWS.

User avatar
openvpn_inc
OpenVPN Inc.
Posts: 691
Joined: Tue Feb 16, 2021 10:41 am

Re: Restrict Access to Admin Web UI - Except While On VPN

Post by openvpn_inc » Tue May 17, 2022 10:04 am

Hello TeleBrady,

I would advise you to go to the Network Settings section in the Admin web UI, and turn off the Admin Web Server forwarding option. This will let the client web UI be reachable on port TCP 443, while the admin web UI will only be reachable on port TCP 943 now.

You could now use a firewall to control access to the TCP 943 port. By default it's reachable from the Internet but you could make it not so. On AWS there is security group settings to control this. You could set it to be only reachable from certain IP addresses. You could also use iptables to control things but since Access Server relies on iptables itself you'd have to take care when doing this. You could configure things so that only people from the VPN could access it now.

Kind regards,
Johan
Image OpenVPN Inc.
Answers provided by OpenVPN Inc. staff members here are provided on a voluntary best-effort basis, and no rights can be claimed on the basis of answers posted in this public forum. If you wish to get official support from OpenVPN Inc. please use the official support ticket system: https://openvpn.net/support

TeleBrady
OpenVpn Newbie
Posts: 4
Joined: Mon May 16, 2022 11:47 pm

Re: Restrict Access to Admin Web UI - Except While On VPN

Post by TeleBrady » Tue May 17, 2022 3:28 pm

Perfect, thank you Johan, that was exactly what I needed.

Post Reply