Configure OpenVPN Connect with Google Authenticator 2FA

Permanently deleted user -

Step 1. Download the Google Authenticator app on your mobile phone:


Once the Google Authenticator app has been downloaded on your phone, give it permission to your phone's camera, if prompted.

  • On your computer:
  • If you don't already have the OpenVPN Connect app installed on your computer, you can download it from this link.  If the app is already on your computer, go to step 2.

Step 2 (DO NOT scan the image below - Scan QR Code from the Server):

Using a web browser (Chrome/Firefox/etc), go to and log in with your Active Directory username and password (same user/password as your computer). You may get some “certificate” warnings. You can accept the risks and proceed. On first login, the account will be prompted by a QR-Code.


Scan this QR code FROM THE AUTHENTICATOR app (click the “+” button and select “Scan QR Code”). Once you scan the QR Code, click “Add Account” and use the supplied passkey to enter into the 6-digit code box, and click “Confirm Code” to complete login in the server. (Note: the authenticator app shows a countdown timer which shows how much time is remaining before that passkey expires)


Step 3 (Download User Configuration file):

Once you are in the VPN user portal, download the “user-locked” profile from the link provided.


Step 4 (Add the downloaded user connection profile to OpenVPN):

Start the OpenVPN Connect App (you will be greeted with feature screenshots…just click through them). Click the “+” button to import the “.ovpn” config file which was downloaded in the previous step (This is done simply with a drag-n-drop from the downloads folder to the “file” tab of the “Import Profile” window).



In the next window, enter your account password (computer password), then, enter the 6-digit code displayed on the Google Authenticator app from your phone and click send to connect.




Have more questions? Submit a request


Please sign in to leave a comment.