User Tools

Site Tools


OpenVPN account manager

Or VAM for short.

I made it application based on Squid quota manager,
which I made based on Maacom, simple web mail account manager,
in the House That Jack Built =)

Time measure: 2.5 hours of first re-programming from copy of Squid quota manager

The application include vam-helper, autentification helpler for OpenVPN.

Status: work into real enterprise, with 80+accounts.

Installation

Order of installation and start is the same as Maacom. The application ready for use.

Source now here

The release a beta but work good (may be =) ).

Debian jessie package

Sqm config example

vam.conf
#
# $Id$
#
loglevel = debug
dbname = /var/db/vam/vam.db
user = www
group = www
 
# -- for postgresql --
#dbname = vam
#dbhost = 127.0.0.1
#dblogin = vam
#dbpassword = password
#dbengine = postgres
 
#EOF

And install procedure for the example

# ./configure --prefix=/usr/local --with-user=www --with-group=www
# make install
# mkdir -p /var/db/vam/
# sqlite3 /var/db/vam/vam.db <usr/local/share/vam/schema.sql
# chown -Rv www:www /var/*/sqm
# service sqm start

Server configuration example

serv.conf
#
# $Id$
#
proto tcp
port 2011
 
server 10.16.254.0 255.255.255.0
push "route 172.16.11.0 255.255.255.0"
 
client-config-dir /etc/openvpn/ccd
 
ifconfig-pool-persist /var/log/openvpn/s2011.pool
status /var/log/openvpn/s2011.stat 1
log /var/log/openvpn/s2011.log
verb 3
 
ca keys/ca.crt
cert keys/serv.crt
key keys/serv.key
dh keys/dh2048.pem
 
auth-user-pass-verify /usr/sbin/vam-helper via-env
client-cert-not-required
username-as-common-name
script-security 3
 
mode server
tcp-nodelay
dev tun
topology subnet
 
keepalive 10 120
max-clients 200
txqueuelen 1000
user nobody
group nogroup
 
persist-key
persist-tun
#EOF

Client configuration example

client.conf
#
# $Id$
#
client
dev tun
proto tcp
remote vpnc.example.com 2011
ca ca.crt
auth-user-pass auth.txt
pull
verb 3
#EOF

First PagePrevious PageBack to overview