{"id":92710,"date":"2023-06-30T17:54:35","date_gmt":"2023-06-30T21:54:35","guid":{"rendered":"https:\/\/jumpcloud.com\/?post_type=support&#038;p=92710"},"modified":"2024-06-27T14:49:19","modified_gmt":"2024-06-27T18:49:19","slug":"configure-openvpn-to-use-cloud-ldap","status":"publish","type":"support","link":"https:\/\/jumpcloud.com\/support\/configure-openvpn-to-use-cloud-ldap","title":{"rendered":"Configure OpenVPN to Use Cloud LDAP"},"content":{"rendered":"\n<p>You can configure OpenVPN to use JumpCloud&#8217;s LDAP-as-a-Service, which will perform user authentication and authorization. OpenVPN is an open source connection protocol that facilitates a secure tunnel between two points in a network. It&#8217;s a trusted technology used by many virtual private networks (VPNs), to ensure that&nbsp;data sent over the internet is encrypted and private.<br><br><strong>Prerequisites<\/strong>:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>See\u00a0<a href=\"https:\/\/jumpcloud.com\/support\/use-cloud-ldap\">Use Cloud LDAP<\/a>\u00a0to obtain the JumpCloud specific settings required below.<\/li>\n<\/ul>\n\n\n\n<p><strong>Version Details<\/strong>:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Configuration options were qualified using the\u00a0<a href=\"https:\/\/openvpn.net\/vpn-server-resources\/deploying-the-access-server-appliance-on-vmware-esxi\/\" target=\"_blank\" rel=\"noreferrer noopener\">OpenVPN Virtual Appliance<\/a>\u00a0v 2.6.1 via the\u00a0included Admin UI and the\u00a0<a href=\"https:\/\/openvpn.net\/vpn-server-resources\/openvpn-access-server-on-active-directory-via-ldap\/#configure-access-server-to-use-ldap-authentication\" target=\"_blank\" rel=\"noreferrer noopener\">OpenVPN documentation for configuring LDAP authentication<\/a>.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">Configuring OpenVPN for LDAP Authentication and Authorization<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">LDAP Settings:<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Primary server:<\/strong>\u00a0<a href=\"https:\/\/ldap.jumpcloud.com\/\" target=\"_blank\" rel=\"noreferrer noopener\">ldap.jumpcloud.com<\/a><\/li>\n\n\n\n<li><strong>Use SSL to connect to LDAP servers<\/strong>: On<\/li>\n\n\n\n<li><strong>Credentials for Initial Bind:<\/strong>\u00a0\u2018Use these credentials\u2019 select On<\/li>\n\n\n\n<li><strong>Bind DN:<\/strong>\u00a0uid=<em>LDAP_BINDING_USER<\/em>,ou=Users,o=<em>YOUR_ORG_ID<\/em>,dc=jumpcloud,dc=com<\/li>\n\n\n\n<li><strong>Password:<\/strong>\u00a0<em>LDAP_BINDING_USER_PASSWORD<\/em><\/li>\n\n\n\n<li><strong>Username Attribute:<\/strong><em>\u00a0<\/em>uid<\/li>\n\n\n\n<li><strong>(Optional) Group Setting<\/strong>:\n<ul class=\"wp-block-list\">\n<li>You can add a requirement for LDAP group membership to control\u00a0user access. To leverage LDAP Groups, see\u00a0<a href=\"https:\/\/jumpcloud.com\/support\/create-an-ldap-group\">Create an LDAP Group<\/a>.<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li><strong>Additional LDAP Requirement<\/strong>: memberOf=cn=<em>GROUP<\/em><em>_NAME<\/em>,ou=Users,o=<em>YOUR_ORG_ID<\/em>,dc=jumpcloud,dc=com<\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" width=\"1024\" height=\"834\" src=\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/06\/openvpn_ldap_configuration_settings-1024x834.jpg\" alt=\"OpenVPN LDAP server configuration settings.\" class=\"wp-image-92717\" srcset=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/06\/openvpn_ldap_configuration_settings-1024x834.jpg 1024w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/06\/openvpn_ldap_configuration_settings-300x244.jpg 300w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/06\/openvpn_ldap_configuration_settings-768x626.jpg 768w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/06\/openvpn_ldap_configuration_settings.jpg 1204w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\">Testing OpenVPN Authentication and Authorization<\/h2>\n\n\n\n<p>The OpenVPN Access Server provides a command line utility &#8220;<em><strong>authcli<\/strong><\/em>&#8221; that can be used to validate your JumpCloud Directory-as-a-Service authentication and authorization configuration.\u00a0\u00a0<br><br><strong>PATH<\/strong>: <kbd>\/usr\/local\/openvpn_as\/scripts\/authcli<\/kbd><br><strong>USAGE<\/strong>: <kbd>authcli --user\u00a0JumpCloud_Username<\/kbd><\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"906\" height=\"251\" src=\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/06\/testing_openvpn_ldap_auth.png\" alt=\"Testing OpenVPN LDAP authentication via terminal.\" class=\"wp-image-92712\" srcset=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/06\/testing_openvpn_ldap_auth.png 906w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/06\/testing_openvpn_ldap_auth-300x83.png 300w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/06\/testing_openvpn_ldap_auth-768x213.png 768w\" sizes=\"(max-width: 906px) 100vw, 906px\" \/><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\">Troubleshooting&nbsp;OpenVPN Authentication and Authorization<\/h2>\n\n\n\n<p>For additional diagnostic information, you can enable Debug Level logging within the OpenVPN Access Server &#8216;<em><strong>as.conf<\/strong><\/em>&#8216; configuration file, restart the service and review the verbose log messages within the default &#8220;<em><strong>\/var\/log\/openvpnas.log<\/strong><\/em>&#8221; file.<\/p>\n\n\n\n<div class=\"wp-block-cgb-code-block code-block\"><div class=\"code-block-snippet is-type-body-default\">\n<p>$ sudo bash -c &#8220;echo &#8220;DEBUG_AUTH=true&#8221; &gt;&gt; \/usr\/local\/openvpn_as\/etc\/as.conf<br>$ sudo service openvpnas restart<\/p>\n<\/div><\/div>\n\n\n\n<p>After you finish troubleshooting, edit the configuration file to comment out the DEBUG reference and restart the service to return to normal operation.<\/p>\n\n\n\n<div class=\"wp-block-cgb-code-block code-block\"><div class=\"code-block-snippet is-type-body-default\">\n<p>#DEBUG_AUTH=true<br>$&nbsp;sudo service openvpnas restart<\/p>\n<\/div><\/div>\n\n\n\n<h2 class=\"wp-block-heading\">OpenVPN Documentation<\/h2>\n\n\n\n<p>Review the&nbsp;OpenVPN site for documentation on troubleshooting authentication and enabling debug level logging.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a target=\"_blank\" href=\"https:\/\/openvpn.net\/vpn-server-resources\/troubleshooting-authentication-related-problems\/#debugging-troubleshooting-authentication-problems\" rel=\"noreferrer noopener\">OpenVPN&nbsp;Troubleshooting Authentication Related Problems<\/a>&nbsp;(authcli)<\/li>\n\n\n\n<li><a target=\"_blank\" href=\"https:\/\/openvpn.net\/vpn-server-resources\/configuring-google-secure-ldap-with-openvpn-access-server\/#troubleshooting\" rel=\"noreferrer noopener\">OpenVPN Enable Verbose Authentication Debugging<\/a><\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>You can configure OpenVPN to use JumpCloud&#8217;s LDAP-as-a-Service, which will perform user authentication and authorization. OpenVPN is an open source [&hellip;]<\/p>\n","protected":false},"author":218,"featured_media":0,"template":"","meta":{"_acf_changed":false,"_oasis_is_in_workflow":0,"_oasis_original":0,"_oasis_task_priority":"","inline_featured_image":false,"footnotes":""},"support_category":[2845,2896],"support_tag":[],"coauthors":[3011],"class_list":["post-92710","support","type-support","status-publish","hentry","support_category-authentication","support_category-cloud-ldap"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v25.3.1 (Yoast SEO v25.3.1) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Configure OpenVPN to Use Cloud LDAP - JumpCloud<\/title>\n<meta name=\"description\" content=\"Learn how to configure OpenVPN to use JumpCloud LDAP for authentication and authorization.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/jumpcloud.com\/support\/configure-openvpn-to-use-cloud-ldap\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Configure OpenVPN to Use Cloud LDAP\" \/>\n<meta property=\"og:description\" content=\"Browse the JumpCloud Help Center by category, search for a specific topic, or check out our featured articles.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/jumpcloud.com\/support\/configure-openvpn-to-use-cloud-ldap\" \/>\n<meta property=\"og:site_name\" content=\"JumpCloud\" \/>\n<meta property=\"article:modified_time\" content=\"2024-06-27T18:49:19+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/06\/openvpn_ldap_configuration_settings-1024x834.jpg\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"2 minutes\" \/>\n\t<meta name=\"twitter:label2\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data2\" content=\"Nick Conrad\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/jumpcloud.com\/support\/configure-openvpn-to-use-cloud-ldap\",\"url\":\"https:\/\/jumpcloud.com\/support\/configure-openvpn-to-use-cloud-ldap\",\"name\":\"Configure OpenVPN to Use Cloud LDAP - JumpCloud\",\"isPartOf\":{\"@id\":\"https:\/\/jumpcloud.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/jumpcloud.com\/support\/configure-openvpn-to-use-cloud-ldap#primaryimage\"},\"image\":{\"@id\":\"https:\/\/jumpcloud.com\/support\/configure-openvpn-to-use-cloud-ldap#primaryimage\"},\"thumbnailUrl\":\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/06\/openvpn_ldap_configuration_settings-1024x834.jpg\",\"datePublished\":\"2023-06-30T21:54:35+00:00\",\"dateModified\":\"2024-06-27T18:49:19+00:00\",\"description\":\"Learn how to configure OpenVPN to use JumpCloud LDAP for authentication and authorization.\",\"breadcrumb\":{\"@id\":\"https:\/\/jumpcloud.com\/support\/configure-openvpn-to-use-cloud-ldap#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/jumpcloud.com\/support\/configure-openvpn-to-use-cloud-ldap\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/jumpcloud.com\/support\/configure-openvpn-to-use-cloud-ldap#primaryimage\",\"url\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/06\/openvpn_ldap_configuration_settings.jpg\",\"contentUrl\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/06\/openvpn_ldap_configuration_settings.jpg\",\"width\":1204,\"height\":981,\"caption\":\"OpenVPN LDAP server configuration settings.\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/jumpcloud.com\/support\/configure-openvpn-to-use-cloud-ldap#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/jumpcloud.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Support\",\"item\":\"https:\/\/jumpcloud.com\/support\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Configure OpenVPN to Use Cloud LDAP\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/jumpcloud.com\/#website\",\"url\":\"https:\/\/jumpcloud.com\/\",\"name\":\"JumpCloud\",\"description\":\"Daily insights on directory services, IAM, LDAP, identity security, SSO, system management (Mac, Windows, Linux), networking, and the cloud.\",\"publisher\":{\"@id\":\"https:\/\/jumpcloud.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/jumpcloud.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/jumpcloud.com\/#organization\",\"name\":\"JumpCloud\",\"url\":\"https:\/\/jumpcloud.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png\",\"contentUrl\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png\",\"width\":598,\"height\":101,\"caption\":\"JumpCloud\"},\"image\":{\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/\"}}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Configure OpenVPN to Use Cloud LDAP - JumpCloud","description":"Learn how to configure OpenVPN to use JumpCloud LDAP for authentication and authorization.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/jumpcloud.com\/support\/configure-openvpn-to-use-cloud-ldap","og_locale":"en_US","og_type":"article","og_title":"Configure OpenVPN to Use Cloud LDAP","og_description":"Browse the JumpCloud Help Center by category, search for a specific topic, or check out our featured articles.","og_url":"https:\/\/jumpcloud.com\/support\/configure-openvpn-to-use-cloud-ldap","og_site_name":"JumpCloud","article_modified_time":"2024-06-27T18:49:19+00:00","og_image":[{"url":"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/06\/openvpn_ldap_configuration_settings-1024x834.jpg","type":"","width":"","height":""}],"twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"2 minutes","Written by":"Nick Conrad"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/jumpcloud.com\/support\/configure-openvpn-to-use-cloud-ldap","url":"https:\/\/jumpcloud.com\/support\/configure-openvpn-to-use-cloud-ldap","name":"Configure OpenVPN to Use Cloud LDAP - JumpCloud","isPartOf":{"@id":"https:\/\/jumpcloud.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/jumpcloud.com\/support\/configure-openvpn-to-use-cloud-ldap#primaryimage"},"image":{"@id":"https:\/\/jumpcloud.com\/support\/configure-openvpn-to-use-cloud-ldap#primaryimage"},"thumbnailUrl":"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/06\/openvpn_ldap_configuration_settings-1024x834.jpg","datePublished":"2023-06-30T21:54:35+00:00","dateModified":"2024-06-27T18:49:19+00:00","description":"Learn how to configure OpenVPN to use JumpCloud LDAP for authentication and authorization.","breadcrumb":{"@id":"https:\/\/jumpcloud.com\/support\/configure-openvpn-to-use-cloud-ldap#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/jumpcloud.com\/support\/configure-openvpn-to-use-cloud-ldap"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/jumpcloud.com\/support\/configure-openvpn-to-use-cloud-ldap#primaryimage","url":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/06\/openvpn_ldap_configuration_settings.jpg","contentUrl":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/06\/openvpn_ldap_configuration_settings.jpg","width":1204,"height":981,"caption":"OpenVPN LDAP server configuration settings."},{"@type":"BreadcrumbList","@id":"https:\/\/jumpcloud.com\/support\/configure-openvpn-to-use-cloud-ldap#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/jumpcloud.com\/"},{"@type":"ListItem","position":2,"name":"Support","item":"https:\/\/jumpcloud.com\/support"},{"@type":"ListItem","position":3,"name":"Configure OpenVPN to Use Cloud LDAP"}]},{"@type":"WebSite","@id":"https:\/\/jumpcloud.com\/#website","url":"https:\/\/jumpcloud.com\/","name":"JumpCloud","description":"Daily insights on directory services, IAM, LDAP, identity security, SSO, system management (Mac, Windows, Linux), networking, and the cloud.","publisher":{"@id":"https:\/\/jumpcloud.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/jumpcloud.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/jumpcloud.com\/#organization","name":"JumpCloud","url":"https:\/\/jumpcloud.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/","url":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png","contentUrl":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png","width":598,"height":101,"caption":"JumpCloud"},"image":{"@id":"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/"}}]}},"_links":{"self":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/support\/92710","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/support"}],"about":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/types\/support"}],"author":[{"embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/users\/218"}],"version-history":[{"count":2,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/support\/92710\/revisions"}],"predecessor-version":[{"id":112200,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/support\/92710\/revisions\/112200"}],"wp:attachment":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/media?parent=92710"}],"wp:term":[{"taxonomy":"support_category","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/support_category?post=92710"},{"taxonomy":"support_tag","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/support_tag?post=92710"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/coauthors?post=92710"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}