Description: OpenVPN GUI allows you to configure Start Before Logon (SBL) / Pre-Logon Access Provider (PLAP) so you can connect to the VPN before signing in to Windows.
Step by Step
- Install OpenVPN GUI on your Windows machine.
- On your taskbar, click to show hidden icons and right-click on OpenVPN GUI.
- Press Left-Click on "Settings...":
- Enable Pre-Logon Access Provider and click OK.
- Download your connection profile (.ovpn file) from your Access Server Client Web UI.
- Edit your connection profile (.ovpn file) with a text editor and add the below lines:
management 127.0.0.1 12345
Optional: If you're using TOTP MFA and want to enable TOTP MFA with SBL/PLAP, you need to add this line as well:
management-hold
management-query-passwords
auth-retry interact
- Save the changes.
- Go to the below path in your Windows:
C:\Program Files\OpenVPN
- Go to the "config-auto" directory:
- Paste there the modified connection profile (.ovpn file):
- Open Powershell with admin privileges and run the below command:
Restart-Service OpenVPNService
- Open the OpenVPN GUI again, and you should see your connection profile under Persistent Profiles.
If this doesn't work, please reboot your Windows PC and check again.
Test
- Lock your Windows PC or reboot it.
- You should see this icon from the Windows login page:
- Click on that icon.
- You will see this login prompt with the name of your connection profile:
- Click the arrow, and you will be prompted to enter your VPN username and password:
- Finally, you're connected to the VPN before you sign in to Windows.
If you have additional questions, please submit a ticket.
Comments
0 comments
Please sign in to leave a comment.