Prevent built-in admin to login to VPN but not Admin UI

Morphlin · Post by **Morphlin** » Wed Aug 14, 2013 3:44 am

Hello,

I'm using OpenVPN Appliance 1.8.5 and it's configured to use RADIUS as authentication.

What I need is to prevent the admin account to login to the Access Server but at the same time he must be able to login the Admin UI...

BUT I don't want to delete the admin user because I need to access OpenVPN admin even if radius server is offline.

Is this possible?

Thank you!

rsenio · Post by **rsenio** » Wed Aug 14, 2013 6:47 pm

Create another local admin user and log into the web ui as the new account. Click the "deny access" for the default openvpn user. Log back in as the openvpn user and remove the other admin user you just created.

Morphlin · Post by **Morphlin** » Thu Aug 15, 2013 1:28 am

Hi rsenio,

Thanks for your response!

I tried what you wrote but the openvpn user still has access to both vpn and admin ui even if it's set to "Deny access"!

rsenio · Post by **rsenio** » Thu Aug 15, 2013 3:13 pm

Not sure what to tell you. I tested mine by trying to log into the VPN as the openvpn user, and it comes up as "your account has been suspended" when I try the OpenVPN connect client, and if I go to the webpage instead and try it tells me "Unexpected error: DENY: user in deny list"

OpenVPN Support Forum

Prevent built-in admin to login to VPN but not Admin UI

Prevent built-in admin to login to VPN but not Admin UI

Re: Prevent built-in admin to login to VPN but not Admin UI

Re: Prevent built-in admin to login to VPN but not Admin UI

Re: Prevent built-in admin to login to VPN but not Admin UI