Unlock the Full Potential of Your Access Server

How to change the branding on the Admin and Client Web UIs

Incorporating your own branding can be helpful in establishing employee trust. You can tweak the web pages Access Server provides for accessing your Admin and Client Web UIs, including adding your business logo.

This goes well with setting up a hostname so your admins and users aren't relying on the server's IP address for access: Tutorial: Setting up your Access Server Hostname.

For more information about the user interfaces, we have user manuals for you:

Log reports — how to query the log

As the administrator, Access Server's logs provide helpful information. You can see who is accessing the network, when, and from what location and devices. This can be crucial when trying to pinpoint a potential breach or attack, or when you're simply trying to find an error.

DNS settings

For human-friendly web navigation, Access Server supports flexibility with DNS, allowing you to match your use case needs. Read about it here.

You can manage the DNS configuration from the Admin Web UI. Read how here.

Troubleshooting DNS issues? Here's some help.

OpenVPN DCO

When you turn on OpenVPN Data Channel Offload (DCO), your VPN server and clients will experience performance gains.

OpenVPN DCO changes how Access Server handles the data flowing through the VPN tunnel. With DCO, the data channel encryption and decryption are offloaded to kernel space, letting the kernel do the work instead of dealing with it in user space. This saves on copy operations from kernel to user space and back and uses multi-threading.

Recommended reading: OpenVPN Data Channel Offload (DCO).

Get things started here: Tutorial: Turn on OpenVPN DCO.

We always recommend running the latest versions. If you need help upgrading, here's a tutorial to get you started: Tutorial: Upgrade the OpenVPN DCO module.

Certificates

When talking about certificates with Access Server, you may see references to CA certificates or SSL certificates for the Web UIs.

Access Server issues and manages its own certificates for the server and its clients. This certificate infrastructure is called public key infrastructure (PKI). You can read about it in detail here: Access Server's CA Certificate Management.

We also support an option to use your own external PKI, as detailed in this topic: External Public Key Infrastructure.

For the SSL certificates used by Access Server's web services, Access Server generates self-signed web certificates valid for one year. You can read the details about them here: SSL Certificates on Access Server's Web Services.

Below are a few tutorials for replacing those with your own valid web SSL certificate:

User passwords

Allowing users to change their own passwords from the Client Web UI can help take some of the pressure from your IT service desk. From the Admin Web UI, you can determine if your users can change their own passwords from the Client Web UI, and you can enforce strong passwords.

TOTP multi-factor authentication (MFA)

It's no secret that MFA can help prevent breaches due to compromised credentials. That's why admins can opt to enable MFA in Access Server. Access Server supports TOTP MFA configured in the Admin Web UI.

Read more about how to set up MFA here: TOTP MFA: Multi-Factor Authentication for Access Server.

Password lockout policy

To prevent access via brute-force attacks, Access Server automatically locks a user account after repeated failed authentication attempts. You can adjust the default values for

a. how many failed attempts are permitted before a lockout and

b. how much time must elapse before a timeout ends and the lock on the account is lifted.

See Authentication failure lockout policy for more specifics.

Get started with Access Server

Access Server has additional features that can help your business build the foundation for a Zero Trust security strategy.

Ready to learn more? Join our office hours for a live demo.

Questions