API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jan 29th, 2017
1,415
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 8.25 KB | None | 0 0
raw download clone embed print report
  1. How To Start A VPN Service With OpenVPN, WHMCS and Freeradius
  2.  
  3. In this tutorial, written for Linux - CentOS, we will be using OpenVPN, which, as many of you likely know, is an open source software application that implements virtual private network (VPN). Then,we will be setting up a WHMCS module to work with this configuration. The add-on we will be using is called FreeRadius by SafeSrv. You will need to purchase this add-on through WHMCS's website.
  4.  
  5. This tutorial will be in two parts:
  6. Part One - Setting up OpenVPN
  7. Part Two - Adding it to your WHMCS (assuming that WHMCS is already installed).
  8. Grab your coffee and cigarettes, and follow the instructions below. If by chance you have any problems or questions, feel free to post them here and I will assist as much as I can.
  9.  
  10. [Image: 2jampnT.png]
  11.  
  12. PART ONE
  13. Setting Up OpenVPN
  14.  
  15. 1. Install the following dependencies:
  16. yum install gcc make rpm-build autoconf.noarch openssl-devel pam-devel zlib-devel
  17.  
  18. 2. Download the OpenVPN software (should be pretty quick downloads):
  19. wget http://openvpn.net/release/lzo-1.08-4.rf.src.rpm
  20. wget http://dag.wieers.com/rpm/packages/rpmforge-release/rpmforge-release-0.3.6-1.el5.rf.x86_64.rpm
  21.  
  22. 3. Install the following files:
  23. rpmbuild --rebuild lzo-1.08-4.rf.src.rpm
  24. rpm -Uvh /usr/src/redhat/RPMS/x86_64/lzo-*.rpm
  25. rpm -Uvh rpmforge-release-0.3.6-1.el5.rf.x86_64.rpm
  26. yum install openvpn
  27.  
  28. 4. Copy the OpenVPN files:
  29. cp -r /usr/share/doc/openvpn-2.2.0/easy-rsa/ /etc/openvpn/
  30.  
  31. 5. Now it is time to create your SSL keys. When asked for your key information, just press enter:
  32. cd /etc/openvpn/easy-rsa/2.0
  33. chmod 755 *
  34. source ./vars
  35. ./vars
  36. ./clean-all
  37. ./build-ca
  38. ./build-key-server server
  39. ./build-dh
  40.  
  41. 6. Now, we will create the OpenVPN configuration file. This is where most people mess up, so please pay close attention. Run the following commands:
  42. cd /etc/openvpn
  43. vi server.conf
  44.  
  45. 7. Next, you will need to copy this basic sample configuration file into the server.conf. You then need to edit everything in CAPS. Edit the IP address and port to your main IP address and requested port. Press your escape key, then :wq, and finally press enter to save and exit the configuration file.
  46. local YOUR SERVER IP ADDRESS HERE
  47. port 4 DIGIT PORT NUMBER HERE
  48. proto udp #- protocol can be tcp or udp
  49. dev tun
  50. tun-mtu 1500
  51. tun-mtu-extra 32
  52. mssfix 1450
  53. ca /etc/openvpn/easy-rsa/2.0/keys/ca.crt
  54. cert /etc/openvpn/easy-rsa/2.0/keys/server.crt
  55. key /etc/openvpn/easy-rsa/2.0/keys/server.key
  56. dh /etc/openvpn/easy-rsa/2.0/keys/dh1024.pem
  57. plugin /usr/share/openvpn/plugin/lib/openvpn-auth-pam.so /etc/pam.d/login
  58. client-cert-not-required
  59. username-as-common-name
  60. server 10.8.0.0 255.255.255.0
  61. push "redirect-gateway def1"
  62. push "dhcp-option DNS 208.67.222.222"
  63. push "dhcp-option DNS 4.2.2.1"
  64. keepalive 5 30
  65. comp-lzo
  66. persist-key
  67. persist-tun
  68. status server-tcp.log
  69. verb 3
  70.  
  71. 8. Now it's time to start OpenVPN. Run the command below to do so. If everything above was done correctly, your service will start without any errors. You are looking for a message saying "Initialization Sequence Completed." Once you see this message, go ahead and press Ctrl+C. If you don't see it, you will get an error message.
  72. openvpn /etc/openvpn/server.conf
  73.  
  74. 9. Setup your Network Allocation Table rules. Change "0.0.0.0" to your server's IP:
  75. echo 1 > /proc/sys/net/ipv4/ip_forward
  76. iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -j SNAT --to 0.0.0.0
  77.  
  78. 10. Now we must add your user to the VPN service. To do this, please run the following two commands:
  79. useradd username -s /bin/false
  80. passwd username
  81.  
  82. 11. Create an OpenVPN config file on your local machine with the name vpn1.ovpn. Copy the sample below and change it to your IP and port. Now place it in your OpenVPN configurations folder:
  83. client
  84. dev tun
  85. proto udp
  86. remote 123.123.123.123 4567 #- YOUR OPENVPN IP AND PORT
  87. resolv-retry infinite
  88. nobind
  89. tun-mtu 1500
  90. tun-mtu-extra 32
  91. mssfix 1450
  92. persist-key
  93. persist-tun
  94. ca ca.crt
  95. auth-user-pass
  96. comp-lzo
  97. verb 3
  98.  
  99. 12. Download the Security certificate we created in the beginning, ca.crt from /etc/openvpn/easy-rsa/2.0/keys, to the same OpenVPN configs folder.
  100.  
  101. 13. Start the VPN on the VPS:
  102. openvpn /etc/openvpn/server.conf
  103.  
  104. Now we should log in to the VPN from your local machine (using OpenVPN or another desktop client) with the username/password you created. If everything up to this point has worked, you are doing great so far. Take a bathroom break and come back for part two!
  105.  
  106. [Image: 2jampnT.png]
  107.  
  108. PART TWO
  109. WHMCS and Freeradius
  110.  
  111. Okay, I hope you have your coffee and bathroom break out of the way because we're getting right back into it!
  112.  
  113. 1. First off, you will need to do a few different things so that we don't run into any problems in the future. Fix it now, so it doesn't become a problem later. You need to go to SafeSRV's website and purchase/download Freeradius. We need to first install ioncube loader 4.4.1. To do this, please perform the following:
  114. A. Make sure your PHP version, at minimum, is 5.4. If it isn't, update. If you are unsure, go through your control panel (WHM or whatever) to check.
  115.  
  116. B. Go ahead and upload the /modules/servers/Freeradius folder into modules/servers/. Now upload /modules/addons/Freeradius into modules/addons. Overwrite any files if prompted.
  117.  
  118. C. Go into your WHMCS admin. Go to Setup>Addon Modules and activate the Freeradius module.
  119.  
  120. D. Next, we need to upload the files that SafeSRV provided to your WHMCS site and then run the loader-wizard.php, which should already be included.
  121.  
  122. E. Now go ahead and replace the current ioncube loader line in your PHP.ini file to where your new loader is located. Upload your loader to usr/local/IonCube/ while writing over your current ioncube loader.
  123.  
  124. F. Restart Apache.
  125.  
  126. 2. Now, we need to install telnet on your server that is running your WHMCS. If you have already have telnet installed, you may skip this step.
  127. yum install telnet
  128.  
  129. 3. On your VPN Servers OpenVPN config files, add the following (with different port numbers each time):
  130. management localhost 7505
  131.  
  132. 4. Activate the Client Config Directory, or CCD, on all of your OpenVPN servers by this command:
  133. mkdir -m 777 /etc/openvpn/ccd
  134. echo -e "\nclient-config-dir /etc/openvpn/ccd" >> /etc/openvpn/server.conf
  135. service openvpn restart
  136.  
  137. 5. Install MySQLi php extension in WHM - just enable the mysqli extension in PHP through EasyApache under the Exhaustive Options. If you do not have cPanel, you may use this command:
  138. yum install php-mysqli
  139.  
  140. 6. You will need to install PHP-SSH2 extension as well, same way as above for WHM users. Go to /etc/openvpn and find the file named radiusplug.cnf. Open this up and change overwriteccfiles=true to overwriteccfiles=false.
  141.  
  142. 7. Restart OpenVPN by running the service command:
  143. service openvpn restart
  144.  
  145. 8. Everything should be ready now. You are now ready to setup products in your WHMCS. Go ahead and log in to your WHMCS admin again and go to Setup>Products>Products. Create a new product group as well as a new product. Find your module settings tab and enter in your license key from SafeSRV. You can play with the other settings as you please.
  146.  
  147. 9. Now we will go ahead and add the Free Radius db connection. To do this, go to Setup>Product/Services>Servers. Under Server Details, select the type as Freeradius and use the following information:
  148. Name: Name of your Freeradius Server
  149. IP Address: The IP of your Freeradius Server or 127.0.0.1 for local Freeradius
  150. Accounts: How many accounts you want to have on this Freeradius
  151. Type: Select "Freeradius"
  152. Username: Enter the username of the DB user who has permissions to access your Freeradius MySQL database remotely or locally.
  153. Password: Enter the password of the DB user who has permissions to access your Freeradius MySQL database remotely or locally.
  154. Access Hash: Enter the name of the DB on your Freeradius server.[/color][/font]
  155.  
  156. 10. Lastly, you will need to create a cron job with the following command and set it to run around every 5-10 minutes:
  157. php -q /home/user/public_html/whmcs/modules/servers/Freeradius/cron.php
  158.  
  159. 11. Other than this, customize however you'd like. The rest is pretty self-explanatory. It's just like setting up normal packages in WHCMS.
  160.  
  161. You got through it! Give yourself a pat on the back! I took a good bit of time for this tutorial, so if you enjoyed it, please comment and such :)
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!