Vesper Secure
VESPER SECURE
Documentation • Admin Console Configuration

Step 1 • Configure Vesper Secure

Configure the Vesper Secure Admin Console

This guide walks you through the initial setup inside app.vespersecure.com: selecting your directory type (Microsoft Entra or Manual), configuring user access, and setting the policies your firewall will enforce.

1) Configure access

Set directory type and admin/user access model.

2) Configure policies

Get your List URL, reset list password, and set IP validity.

3) Billing basics

View plan and purchase via Stripe (if applicable).

Support

Where to get help and what to include in tickets.

Prerequisites

  • Admin access to your Vesper Secure tenant at app.vespersecure.com.
  • Your organization is created and you can see an Organization ID in the header.
  • If using Entra: a Microsoft Entra Global Administrator to grant consent.

Key items you’ll use later

Organization ID

Shown in the Admin Console header and Policies tab

List URL

https://list.vespersecure.com/<organization-uuid>

1) Configure access in User Management

Vesper Secure supports two access models: Microsoft Entra ID (recommended) and Manual (small/test deployments). You’ll configure which admins can manage the tenant, and which end users are allowed to authenticate.

1

Choose your directory type

  1. In the left sidebar, click User Management.
  2. Find the Directory Type header near the top of the page.
  3. Click Change directory type.
  4. Select one of the supported options:
    • Microsoft Entra ID (Recommended): Sync access from Entra groups.
    • Manual: Manually manage admins and licensed end users.
  5. Click Update to save. The page will refresh after a successful update.

Recommendation

Use Microsoft Entra ID for most production deployments. It reduces administrative overhead and helps keep access consistent with your existing identity governance.

Microsoft Entra ID setup (recommended)

This setup connects Vesper to your Entra tenant and lets you define an Admin group and User group that control access.

  1. In User Management, confirm the directory type is Microsoft Entra ID.
  2. If you see a green “Connected to Microsoft Entra” summary, click Add/Update Entra Directory to make changes.
  3. Enter your Directory (tenant) ID.

    You can find this in Entra ID → Overview → Tenant ID.

  4. Click Generate admin consent link.
  5. Click Open link and complete the consent flow with a Global Administrator.
  6. After consent is granted, configure group mapping:
    • Admin group: Members can access this Admin Console.
    • User group: Members are allowed to authenticate and have their source IP allowlisted.
  7. For each group, click Change Group, select the correct group name, then click Update.

Tip

Use dedicated groups such as vesper-admins and vesper-users (or your existing IT / VPN access groups) so the membership is easy to audit and maintain.

Manual setup (optional)

Manual mode is intended for small deployments or testing. You’ll explicitly add administrators and end users (licensed users) inside the portal.

Administrators

  1. Switch directory type to Manual.
  2. Under Administrators, click + Add admin.
  3. Enter the admin email address.
  4. Select a role:
    • Owner: Full admin permissions and can add/remove other admins.
    • Admin: Standard admin permissions.
  5. Click Add to save.

End Users (licensed users)

  1. Under End Users, click + Add user.
  2. Enter the end user email address.
  3. Click Add to save.
  4. Repeat until your list matches who should be allowed to authenticate.

Note

End users are counted against your subscription limit. If you reach the plan limit, you’ll need to remove users or upgrade your plan.

2) Configure policies

The Policies tab is where you’ll copy your List URL, manage the list password used by your firewall, and control how long “permanent” and “temporary” source IPs remain valid.

2

Copy your Organization ID and List URL

  1. In the left sidebar, click Policies.
  2. In Organization Details, copy your Organization ID.
  3. Copy your List URL:
    https://list.vespersecure.com/<organization-uuid>
  4. You will use this URL when creating an External Dynamic List (EDL) / Dynamic Address object on your firewall.

Manage your List Password

Your firewall uses the List Password to authenticate when pulling the list. Resetting it will immediately require updating the password on your firewall.

  1. In Policies, locate the List Password section.
  2. Click Reset List Password.
  3. Click Generate New Password.
  4. Copy the new password and store it securely.
  5. Update your firewall configuration with the new password.

Important

Resetting the list password will break any existing firewall connection until you update the password on the firewall. Make this change during a maintenance window when possible.

Configure Source IP validity

Source IP validity controls how long an IP address remains allowlisted after a user authenticates. Vesper provides separate validity values for Permanent and Temporary selections.

Permanent Source IP Validity

  1. In Policies, find Permanent Source IP Validity.
  2. Click Update.
  3. Set a duration using hours or days.
  4. Click Confirm to save.

Temporary Source IP Validity

  1. Find Temporary Source IP Validity.
  2. Click Update.
  3. Set a duration using hours or days.
  4. Click Confirm to save.

Recommendation

Use shorter durations for Temporary (travel, hotels, cafés) and longer durations for Permanent (trusted locations such as corporate networks and administrator home IPs).

3) Billing basics

The Billing tab shows your current plan and available plan options. Plan selection routes you through Stripe checkout.

3

View your current plan

  1. Click Billing in the left sidebar.
  2. Confirm your Current Plan displayed at the top.
  3. Use this information to understand your current user limits and cost model.

Purchase or change plans (Stripe)

  1. In Billing, review the available Monthly and Yearly plans.
  2. Select the desired plan and click Purchase (Stripe).
  3. Complete checkout in Stripe.
  4. Return to the Admin Console and confirm the plan reflects the update.

Note

If you have a coupon code, apply it directly in the Stripe checkout flow after selecting your plan.

Support

If you need help with configuration, billing, or troubleshooting, contact support directly.

Contact

Email: support@vespersecure.com

Include your Organization ID and a short description of the issue.

What to include

  • Organization ID
  • Directory type (Entra or Manual)
  • What you expected vs what happened
  • Screenshots (redact sensitive data as needed)

Next: Integrate with your firewall

Once your directory and policies are set, follow your firewall guide to add the List URL and enforce it in policy.

Palo Alto Networks (PAN-OS) Fortinet FortiGate Back to Docs Home