In order to make it convenient for you to deploy your site-to-site setups using Access Server, we have went ahead and preconfigured an appliance that you can use right away with minimal initial configuration. To start using the appliance, you must have a virtualization platform that supports the import of OVF/OVA files. While other products besides ESXi may support the import of these files, we cannot guarantee that the appliance will work under these conditions. This appliance is provided on an "as-is" basis, and no implicit or explicit warranties of any kind are offered through the use of this appliance. OpenVPN Technologies, Inc. will not be responsible for any damages or liabilities caused from your use of this appliance. You are using this appliance at your own risk!
The 64-bit virtual appliance is distributed as a .OVA file that can be imported into your current virtual machine repository. To import the appliance, launch the VMWare vSphere Client and login to your VMWare Infrastructure server with your credentials. (Please note that the appliance itself runs in a 64-bit OS, and therefore requires that your CPU support the proper virtualization optimizations. If your CPU does not support these, you will not be able to run this appliance.)
After logging in to your server with an account that has the permission to create/import a new virtual machine, click the File menu, and then select Deploy OVF Template....
Enter the following URL when requested:
Follow the Deploy OVF Template wizard to complete the import of your new appliance.
The appliance downloaded from this website comes depersonalized and must be personalized before it can be used. Please follow the instructions below in order to customize your OpenVPN Access Server appliance.
Upon the initial startup of the appliance, you will be asked to login to the console of the appliance.
To do so, use the following credentials:
The appliance comes with OpenSSH Server installed. However, the server side SSH keys are removed to ensure each appliance has a unique identity. For such, you will need to generate new unique keys before SSH can be used on the appliance. To do so, run the following commands (please note that the double single quotes are required at the end):
ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N ''
ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N ''
service ssh start
If you do not plan to use SSH to manage your appliance, you may elect to uninstall it by using the following command:
apt-get remove --purge openssh-server
The root password is the equivalent of an administrator password in the Windows environment. Anyone who has this password would also have full control over the appliance. Becuase this is set to a default password of 'debian', it should be changed to something secure, especially if you plan to use this appliance in production environments.
To do so, execute the follow command (you will be asked for your new root password):
The appliance by default automatically obtains networking information from DHCP. If your network has no DHCP server and/or you would like to manually assign an IP address to your OpenVPN Client appliance, please follow the steps below:
For example, if you would like to configure your appliance to have an IP address of 192.168.0.100, and subnet mask of 255.255.255.0, a gateway of 192.168.0.1, and nameservers of 188.8.131.52 and 184.108.40.206, your configuration will look like this:
# The primary network interface
iface eth0 inet static
dns-nameservers 220.127.116.11 18.104.22.168
Once you are done, press CTRL+O, and then press Enter. Then press CTRL+X to exit the editor.
To activate the new configuration, run the following command: ifdown eth0 && ifup eth0.
The default timezone is set to US (Pacific - Los Angeles). If you reside at another timezone and you would like to change this setting, run the following command (you will be asked what timezone you would like to set):
The system will show the new local time after this setting is configured.
From the time we have generated the appliance and the time you have downloaded and are using the appliance, many operating system updates might have became available. To make sure your appliance operating system is up to date, execute the following command:
apt-get update && apt-get upgrade