I’ve decided to try my hand at creating a Virtual Network service.
The idea is to have a simple web interface where I can add/remove/edit user accounts, Generate Certificates for endpoints and check users usage.
RADIUS is a fantastic AAA (Accounting Authentication And Authorization) protocol, which is used for almost everything ISP related (dial-up, dsl, wimax, wifi hotspots), so it seems only fitting that I use it for this application. It also means I can integrate other things into it, without serious modification (since its a standard). I may even start using it for building my own Hotspot controller for Mikrotik RouterOS based hotspots.
Here’s the plan:
Debian as the Linux flavour
MySQL to store all the authentication and configuration information (howto)
FreeRADIUS to provide an interface into getting at the information, and for accounting
OpenVPN for the actual VPN server
RadiusPlugin for making OpenVPN play nicely with FreeRADIUS
Apache HTTP server, since its going to be a web frontend
PHP for the service side part of the web frontend
I’ve followed a few guides to get this going, and this one is possibly the most useful one I’ve come across.
So far, I’ve had bits and pieces working, but I haven’t managed to get them all working together at the same time.
Over the next few days, I’ll be documenting (in as much details as I can remember), the steps needed to set this up. I’m doing this for personal documentation purposes as well as to share with the community should anyone else want to do something similar.
So stay tuned, subscribe to my RSS feed, and keep your eyes open for my follow-up posts.