March 13, 2010 at 17:03HOW-TO pptpd + freeradius2 + mysql + abills 0.50b for a small office or small provider on Ubuntu 9.10 / 10.04
At the request of the respected Nesmit, I am publishing it HOW-TO, instead of my own, because I think that his instruction is worthy of more attention than mine, which was in this post, in mine there were many shortcomings and errors. And in vain his article was not allowed into the tape. A very good article. Here she is
ubuntu 9.10, with the goal of updating to 10.04, without touching anything.
pptpd 1.3.4-2
freeradius2.1.0
abills 0.5
dictionary.microsoft
The billing developer is here: abills.net.ua
I would like to thank the developers of this billing!
Objectives:
1. To provide the Internet with a local network.
2. Traffic
accounting 3. Finance
accounting 4. Creation of tariff plans.
5. Speed limit
6. 128bit encryption, there are many reasons.
7.No encryption, but using mschapv2.
8. Encryption of your personal account (apache SSL)
9. Possibility of modernization: integration of the mail server with billing, etc. There are many modules paid and not.
References:
I found 2 useful articles on installing abills.
habrahabr.ru/blogs/linux/23650 - our foundation is
silverghost.org.ua/2008/10/13/ustanovka-billinga-abills-na-ubuntu-804-lts-server-mikrotik-router-os-v-kachestve- servera-dostupa - our foundation number 2
yet:
www.opennet.ru/base/net/abills_server.txt.html - no less useful, but we don’t have microtik.
www.xakep.ru/magazine/xa/112/136/1.asp - pppoe
Description of the parameters in pptpd
www.compress.ru/article.aspx?id=18183&iid=842
In principle, this setting is no different from using PPPoE or microtik as a NAS. The latter is more profitable if there are more than 100 clients without a headache.
We will take information from the first 2 articles, they are closest to our topic. This will result in a revised 1st article with the addition of some details from the 2nd + my dorobotki.
ATTENTION! Before you start installing the system. Decide which network cards you are using. I recommend using intel or 3com cards. PPTP on realteks glitches and breaks down tunnels for no apparent reason.
1. Install the system:
My choice fell on the Ubuntu 9.10 distribution, it is already a proven system in which a set of packages has been worked out. Upgrading to 10.04, which has 1.5 months left, will not be a problem. Good Admin is the lazy Admin. Why do we need a headache? The first server on LTS 8.04 stood for 1.5 years until the hard drive was covered. During this time, no one touched the billing.
After installation, we update, put all the very last: And reboot. We go under the root. 2. Install the necessary packages with one line: During the installation of MySQL server 2 times asks for the root password for mysql server, it will be needed soon! Run the installed modules for Apache: Restart apache: # a2enmod rewrite - MANDATORY, otherwise get an error when entering the admin panel!
3. Download abills 0.50, from the site abills.net.ua unpack it in / usr / abills or use cvs and download the stable release.
Link to files: sourceforge.net/projects/abills/files
4. Create the missing directories and change the rights: Next, edit / etc / sudoers add a line. This command kills vpn tunnels. 5. Set up freeradius, information from the developer's server with edits for our distribution: in /etc/freeradius/radiusd.conf in the modules section we describe the sections: in the exec section, file / etc / freeradius / modules / exec we will look like this: File / etc / freeradius / sites-enabled / default - edit authorize, preacct, post-auth sections. We comment or delete the rest in these sections.
in / etc / freeradius / users We
edit /etc/freeradius/clients.conf we comment everything, add it to the end (client / server on the local machine, if it is better to change the code word on different ones) We proceed to edit the file / etc / freeradius / dictionary, add to the end After that we restart the radius: If it writes an error, then the freeradius -X command generates a log and serves to search for it. 6. Configure radiusclient. Edit / etc / radiusclient / servers dictionary.microsoft put in / etc / radiusclient / these files are responsible for supporting mschap v2 and mppe you can take the file with cakebilling.googlecode.com/files/etc.tar.bz2 without it mschap2 and mppe refuses to work .
add the lines to the dictionary file : edit the file / etc / hosts vpn-server - this is the name of YOUR server, change at your discretion. Otherwise, the radius client will not be able to connect to the radius server. 7. Next, you need to create a database for AbillS. Option 2: You can do it easier, install the phpmyadmin package and do everything in 1 minute including generating a strong password. then the ip-address of your server / phpmyadmin we enter the root login and password to manage the server and the tab “Privileges” -> “Add new user” Username: abills Host: localhost Password: click the generate button, remember or write down the password.
Put a daw: Create a database with the username in the name and provide full privileges to it.
Click OK, the base is created.
Now the database dump from the directory with abills needs to be entered into the database. We
configure the Abills configuration file.
In the / usr / abills / libexec folder, we then edit it. We indicate the correct details for accessing the database, also change some parameters: Disable unnecessary modules: 8. Fix conf /usr/abills/Abills/defs.conf change only the lines below. Backup will work now, the config is initially configured for freeBSD. 8. We create the certificate for Apache we answer questions of the following command:
Replace the text from / etc / apache2 / sites-available / default-ssl with the given one. WHEN COPYING, REMOVE SIGNS UNDERSTANDING BEFORE AND AFTER A SLASH !!! Change the codec to cp1251 here /etc/apache2/conf.d/charset Create a symlink: Restart apache Check the server, go to: ip-address-your-server / admin If everything was successful, gut. If not, read the logs. They have all the power! 9. Configuring pptpd: Editing /etc/pptpd.conf Editing / etc / ppp / options, adding a line Editing / etc / ppp / pptpd-options, adding lines: By default, the config is configured to mschap-v2 + mppe. We write a shaper script and give launch rights.
There is another way to shape. Via the IPN module. You can read about this method in the developer's forum.
10. Optionally, install squid, make it transparent.
change the lines in the /etc/squid/squid.conf file to By default, all possible networks are registered in the config, remove the comment: restart the service 11. Turn on the nat and write the following lines to the rc.local file firewall rules: ip address 192.168.1.10, looks towards adsl router. The script is primitive, but enough for a start. 12. In / etc / crontab we enter the following. 13. Configuring Abills Open the admin web interface at ip-address-your-server / admin
The username / password abills / abills can be changed later.
Default. NAS, user and tariff has already been created. We will change according to our conditions.
We go System->
Ip Access Server we write 127.0.0.1
Choose the type pppd: pppd + Radius
Alive (sec.): 120
RADIUS Parameters (,): Acct-Interim-Interval = 60
Now add the IP POOLs:
set 192.168.160.2-192.168. 160.254
We set up tariff groups:
/ System / Internet / Tariff plans / Groups /
added: unlimited, GID: 0
Go to / System / Internet / Tariff plans /
#: 1
Name: “unlimited”
Group: “1: unlimited”
Daily а / n: 10
add
Determine the speed:
/ System / Internet / Tariff plans /
click on, the selected rate "Intervals"
click the add button, then
enter the traffic speed, add.
Now we get the user:
/ Clients / Logins / Internet / Users Add /
create a client: password, login, name, credit. And immediately you can put money into the account.
The main thing here is to first create tariff groups, and then the tariffs themselves. In addition, read on WiKi in detail about all the options. Usually they start yelling before they realize what the options mean.
According to this instruction, I raised 4 servers and are working successfully.
Already not relevant, abillas pleases with its stability and flexibility, the rest is in your hands.
If you need to remove encryption, do this:
We remove the line “require-mppe-128” in the file / etc / ppp / pptpd-options This will give more stability to the VPN tunnels and relieve the CPU.
Screenshots of the result:
All thanks to address Nesmit'y from forum.ubuntu.ru =) I have nothing to do with it. He did this article, I just conveyed it to people, because on his behalf stubbornly did not allow this article to be published!))
Good luck! I am ready to listen to all questions, including malfunctions.
ubuntu 9.10, with the goal of updating to 10.04, without touching anything.
pptpd 1.3.4-2
freeradius2.1.0
abills 0.5
dictionary.microsoft
The billing developer is here: abills.net.ua
I would like to thank the developers of this billing!
Objectives:
1. To provide the Internet with a local network.
2. Traffic
accounting 3. Finance
accounting 4. Creation of tariff plans.
5. Speed limit
6. 128bit encryption, there are many reasons.
7.No encryption, but using mschapv2.
8. Encryption of your personal account (apache SSL)
9. Possibility of modernization: integration of the mail server with billing, etc. There are many modules paid and not.
References:
I found 2 useful articles on installing abills.
habrahabr.ru/blogs/linux/23650 - our foundation is
silverghost.org.ua/2008/10/13/ustanovka-billinga-abills-na-ubuntu-804-lts-server-mikrotik-router-os-v-kachestve- servera-dostupa - our foundation number 2
yet:
www.opennet.ru/base/net/abills_server.txt.html - no less useful, but we don’t have microtik.
www.xakep.ru/magazine/xa/112/136/1.asp - pppoe
Description of the parameters in pptpd
www.compress.ru/article.aspx?id=18183&iid=842
In principle, this setting is no different from using PPPoE or microtik as a NAS. The latter is more profitable if there are more than 100 clients without a headache.
We will take information from the first 2 articles, they are closest to our topic. This will result in a revised 1st article with the addition of some details from the 2nd + my dorobotki.
ATTENTION! Before you start installing the system. Decide which network cards you are using. I recommend using intel or 3com cards. PPTP on realteks glitches and breaks down tunnels for no apparent reason.
1. Install the system:
My choice fell on the Ubuntu 9.10 distribution, it is already a proven system in which a set of packages has been worked out. Upgrading to 10.04, which has 1.5 months left, will not be a problem. Good Admin is the lazy Admin. Why do we need a headache? The first server on LTS 8.04 stood for 1.5 years until the hard drive was covered. During this time, no one touched the billing.
After installation, we update, put all the very last: And reboot. We go under the root. 2. Install the necessary packages with one line: During the installation of MySQL server 2 times asks for the root password for mysql server, it will be needed soon! Run the installed modules for Apache: Restart apache: # a2enmod rewrite - MANDATORY, otherwise get an error when entering the admin panel!
#apt-get update
#apt-get dist-upgrade$ sudo -s -H #apt-get install mysql-server mysql-client libmysqlclient15-dev apache2 apache2-doc apache2-mpm-prefork apache2-utils libexpat1 ssl-cert libapache2-mod-php5 php5 php5-common php5-curl php5-dev php5-gd php5-idn php-pear php5-imagick php5-imap php5-mcrypt libdbi-perl libdbd-mysql-perl libdigest-md4-perl libdigest-sha1-perl libcrypt-des-perl freeradius radiusclient1 radiusclient1 pptpd#a2enmod ssl
#a2enmod rewrite
#a2enmod suexec
#a2enmod include#/etc/init.d/apache2 restart3. Download abills 0.50, from the site abills.net.ua unpack it in / usr / abills or use cvs and download the stable release.
Link to files: sourceforge.net/projects/abills/files
4. Create the missing directories and change the rights: Next, edit / etc / sudoers add a line. This command kills vpn tunnels. 5. Set up freeradius, information from the developer's server with edits for our distribution: in /etc/freeradius/radiusd.conf in the modules section we describe the sections: in the exec section, file / etc / freeradius / modules / exec we will look like this: File / etc / freeradius / sites-enabled / default - edit authorize, preacct, post-auth sections. We comment or delete the rest in these sections.
# mkdir /usr/abills/backup
# chown -R www-data:www-data /usr/abills/backup
# mkdir /usr/abills/cgi-bin/admin/nets
# chown -R www-data:www-data /usr/abills/cgi-bin/
# mkdir /usr/abills/var
# mkdir /usr/abills/var/log
# chown -R freerad:freerad /usr/abills/varwww-data ALL=NOPASSWD: /usr/abills/misc/pppd_kill#abills_preauth
exec abills_preauth {
program = "/usr/abills/libexec/rauth.pl pre_auth"
wait = yes
input_pairs = request
shell_escape = yes
#output = no
output_pairs = config
}
#abills_postauth
exec abills_postauth {
program = "/usr/abills/libexec/rauth.pl post_auth"
wait = yes
input_pairs = request
shell_escape = yes
#output = no
output_pairs = config
}
#abills_auth
exec abills_auth {
program = "/usr/abills/libexec/rauth.pl"
wait = yes
input_pairs = request
shell_escape = yes
output = no
output_pairs = reply
}
#abills_acc
exec abills_acc {
program = "/usr/abills/libexec/racct.pl"
wait = yes
input_pairs = request
shell_escape = yes
output = no
output_pairs = reply
}exec {
wait = yes
input_pairs = request
shell_escape = yes
output = none
output_pairs = reply
}authorize {
preprocess
abills_preauth
mschap
files
abills_auth
}
preacct {
preprocess
abills_acc
}
post-auth {
Post-Auth-Type REJECT {
abills_postauth
}
}
in / etc / freeradius / users We
DEFAULT Auth-Type = Acceptedit /etc/freeradius/clients.conf we comment everything, add it to the end (client / server on the local machine, if it is better to change the code word on different ones) We proceed to edit the file / etc / freeradius / dictionary, add to the end After that we restart the radius: If it writes an error, then the freeradius -X command generates a log and serves to search for it. 6. Configure radiusclient. Edit / etc / radiusclient / servers dictionary.microsoft put in / etc / radiusclient / these files are responsible for supporting mschap v2 and mppe you can take the file with cakebilling.googlecode.com/files/etc.tar.bz2 without it mschap2 and mppe refuses to work .
client localhost {
ipaddr = 127.0.0.1
secret = radsecret
shortname = shortname
}# Limit session traffic
ATTRIBUTE Session-Octets-Limit 227 integer
# What to assume as limit - 0 in+out, 1 in, 2 out, 3 max(in,out)
ATTRIBUTE Octets-Direction 228 integer
# Connection Speed Limit
ATTRIBUTE PPPD-Upstream-Speed-Limit 230 integer
ATTRIBUTE PPPD-Downstream-Speed-Limit 231 integer
ATTRIBUTE PPPD-Upstream-Speed-Limit-1 232 integer
ATTRIBUTE PPPD-Downstream-Speed-Limit-1 233 integer
ATTRIBUTE PPPD-Upstream-Speed-Limit-2 234 integer
ATTRIBUTE PPPD-Downstream-Speed-Limit-2 235 integer
ATTRIBUTE PPPD-Upstream-Speed-Limit-3 236 integer
ATTRIBUTE PPPD-Downstream-Speed-Limit-3 237 integer
ATTRIBUTE Acct-Interim-Interval 85 integer#/etc/init.d/freeradius restart127.0.0.1 radsecretadd the lines to the dictionary file : edit the file / etc / hosts vpn-server - this is the name of YOUR server, change at your discretion. Otherwise, the radius client will not be able to connect to the radius server. 7. Next, you need to create a database for AbillS. Option 2: You can do it easier, install the phpmyadmin package and do everything in 1 minute including generating a strong password. then the ip-address of your server / phpmyadmin we enter the root login and password to manage the server and the tab “Privileges” -> “Add new user” Username: abills Host: localhost Password: click the generate button, remember or write down the password.
INCLUDE /etc/radiusclient/dictionary.microsoft
# Limit session traffic
ATTRIBUTE Session-Octets-Limit 227 integer
# What to assume as limit - 0 in+out, 1 in, 2 out, 3 max(in,out)
ATTRIBUTE Octets-Direction 228 integer
# Connection Speed Limit
ATTRIBUTE PPPD-Upstream-Speed-Limit 230 integer
ATTRIBUTE PPPD-Downstream-Speed-Limit 231 integer
ATTRIBUTE PPPD-Upstream-Speed-Limit-1 232 integer
ATTRIBUTE PPPD-Downstream-Speed-Limit-1 233 integer
ATTRIBUTE PPPD-Upstream-Speed-Limit-2 234 integer
ATTRIBUTE PPPD-Downstream-Speed-Limit-2 235 integer
ATTRIBUTE PPPD-Upstream-Speed-Limit-3 236 integer
ATTRIBUTE PPPD-Downstream-Speed-Limit-3 237 integer
ATTRIBUTE Acct-Interim-Interval 85 integer127.0.0.1 localhost vpn-server
127.0.1.1 localhost vpn-server#mysql -u root -pGRANT ALL ON abills.* TO abills@localhost IDENTIFIED BY "yourpassword";
CREATE DATABASE abills;sudo apt-get install phpmyadminPut a daw: Create a database with the username in the name and provide full privileges to it.
Click OK, the base is created.
Now the database dump from the directory with abills needs to be entered into the database. We
#mysql -u root -p abills < abills.sql configure the Abills configuration file.
In the / usr / abills / libexec folder, we then edit it. We indicate the correct details for accessing the database, also change some parameters: Disable unnecessary modules: 8. Fix conf /usr/abills/Abills/defs.conf change only the lines below. Backup will work now, the config is initially configured for freeBSD. 8. We create the certificate for Apache we answer questions of the following command:
#cd /usr/abills/libexec
#cp config.pl.default config.pl$conf{dbhost}='localhost';
$conf{dbname}='abills';
$conf{dbuser}='abills';
$conf{dbpasswd}='SxTcBAx7dYfR7cG7';
$conf{dbcharset}='utf-8';
$conf{default_language}='russian';
$conf{periodic_check}='yes';
$conf{ERROR_ALIVE_COUNT} = 10;
$conf{RADIUS2}=1;
@MODULES = ('Dv',
# 'Voip',
# 'Docs',
# 'Mail',
'Sqlcmd');
$SNMPWALK = '/usr/bin/snmpwalk';
$SNMPSET = '/usr/bin/snmpset';
$GZIP = '/bin/gzip';
$TAR='/bin/tar';
$MYSQLDUMP = '/usr/bin/mysqldump';
$IFCONFIG='/sbin/ifconfig';#mkdir /etc/apache2/ssl#make-ssl-cert /usr/share/ssl-cert/ssleay.cnf /etc/apache2/ssl/apache.pem
#a2enmod ssl
Replace the text from / etc / apache2 / sites-available / default-ssl with the given one. WHEN COPYING, REMOVE SIGNS UNDERSTANDING BEFORE AND AFTER A SLASH !!! Change the codec to cp1251 here /etc/apache2/conf.d/charset Create a symlink: Restart apache Check the server, go to: ip-address-your-server / admin If everything was successful, gut. If not, read the logs. They have all the power! 9. Configuring pptpd: Editing /etc/pptpd.conf Editing / etc / ppp / options, adding a line Editing / etc / ppp / pptpd-options, adding lines: By default, the config is configured to mschap-v2 + mppe. We write a shaper script and give launch rights.
SSLEngine On
SSLCertificateFile /etc/apache2/ssl/apache.pem
DocumentRoot /usr/abills/cgi-bin/
Alias /abills "/usr/abills/cgi-bin/"
RewriteEngine on
RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule ^(.*) - [E=HTTP_CGI_AUTHORIZATION:%1]
Options Indexes ExecCGI SymLinksIfOwnerMatch
<_/_IfModule>
AddHandler cgi-script .cgi
Options Indexes ExecCGI FollowSymLinks
AllowOverride none
DirectoryIndex index.cgi
#Options ExecCGI
Order allow,deny
Deny from all
<_/_Files>
<_/_Directory>
#Admin interface
AddHandler cgi-script .cgi
Options Indexes ExecCGI FollowSymLinks
AllowOverride none
DirectoryIndex index.cgi
order deny,allow
allow from all
<_/_Directory>
ErrorLog /var/log/apache2/error-abills.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog /var/log/apache2/access-abills.log combined
<_/_virtualhost>
AddDefaultCharset cp1251#ln -s /etc/apache2/sites-available/default-ssl /etc/apache2/sites-enabled/default-ssl
#/etc/init.d/apache2 restartppp /usr/sbin/pppd
option /etc/ppp/pptpd-options
connections 500
localip 192.168.160.1
+mschap-v2ms-dns 192.168.160.1 # или любой удобный для вас днс сервер
asyncmap 0
lcp-echo-failure 30
lcp-echo-interval 5
ipcp-accept-local
ipcp-accept-remote
plugin radius.so
plugin radattr.so
#touch /etc/ppp/ip-up.d/shaper
#chmod 744 /etc/ppp/ip-up.d/shaper
#nano /etc/ppp/ip-up.d/shaper
#!/bin/sh
if [ -f /var/run/radattr.$1 ]
then
DOWNSPEED=`/usr/bin/awk '/PPPD-Downstream-Speed-Limit/ {print $2}' /var/run/radattr.$1`
UPSPEED=`/usr/bin/awk '/PPPD-Upstream-Speed-Limit/ {print $2}' /var/run/radattr.$1`
# echo $DOWNSPEED
# echo $UPSPEED >
/sbin/tc qdisc del dev $1 root > /dev/null
/sbin/tc qdisc del dev $1 ingress > /dev/null
##### speed server->client
if [ "$UPSPEED" != "0" ] ;
then
# /sbin/tc qdisc add dev $1 root handle 1: htb default 20 r2q 1
/sbin/tc qdisc add dev $1 root handle 1: htb default 20
/sbin/tc class add dev $1 parent 1: classid 1:1 htb rate ${UPSPEED}kbit burst 4k
/sbin/tc class add dev $1 parent 1:1 classid 1:10 htb rate ${UPSPEED}kbit burst 4k prio 1
/sbin/tc class add dev $1 parent 1:1 classid 1:20 htb rate ${UPSPEED}kbit burst 4k prio 2
/sbin/tc qdisc add dev $1 parent 1:10 handle 10: sfq perturb 10 quantum 1500
/sbin/tc qdisc add dev $1 parent 1:20 handle 20: sfq perturb 10 quantum 1500
/sbin/tc filter add dev $1 parent 1:0 protocol ip prio 10 u32 match ip tos 0x10 0xff flowid 1:10
/sbin/tc filter add dev $1 parent 1:0 protocol ip prio 10 u32 match ip protocol 1 0xff flowid 1:10
/sbin/tc filter add dev $1 parent 1: protocol ip prio 10 u32 match ip protocol 6 0xff match u8 0x05 0x0f at 0 match u160x0000 0xffc0 at 2 match u8 0x10 0xff at 33 flowid 1:10
fi
##### speed client->server
if [ "$DOWNSPEED" != "0" ] ;
then
/sbin/tc qdisc add dev $1 handle ffff: ingress
/sbin/tc filter add dev $1 parent ffff: protocol ip prio 50 u32 match ip src 0.0.0.0/0 police rate ${DOWNSPEED}kbit burst 12k drop flowid :1
fi
fiThere is another way to shape. Via the IPN module. You can read about this method in the developer's forum.
10. Optionally, install squid, make it transparent.
#apt-get install squidchange the lines in the /etc/squid/squid.conf file to By default, all possible networks are registered in the config, remove the comment: restart the service 11. Turn on the nat and write the following lines to the rc.local file firewall rules: ip address 192.168.1.10, looks towards adsl router. The script is primitive, but enough for a start. 12. In / etc / crontab we enter the following. 13. Configuring Abills Open the admin web interface at ip-address-your-server / admin
http_port 3128
http_port 3128 transparenthttp_access allow localnet# /etc/init.d/squid restart# Сбросить правила и удалить цепочки.
iptables -F
iptables -t nat -F
iptables -t mangle -F
iptables -X
iptables -t nat -X
iptables -t mangle -X
#Правила для NAT
iptables -t nat -A POSTROUTING -s 192.168.160.0/255.255.255.0 -j SNAT --to-source 192.168.1.10
#Правило для прозрачного прокси, если таковой имеется.
iptables -t nat -A PREROUTING -p tcp -s 192.168.160.0/24 --dport 80 -j REDIRECT --to-port 3128
#Закрываем важные порты на Интерфейсах
iptables -A INPUT -p TCP -i eth0 --dport 3128 -j DROP #Порты proxy
iptables -A INPUT -p TCP -i eth1 --dport 3128 -j DROP
iptables -A INPUT -p TCP -i eth0 --dport 3306 -j DROP #mysql
iptables -A INPUT -p TCP -i eth1 --dport 3306 -j DROP
#Открываем Фовардинг
echo "1" > /proc/sys/net/ipv4/ip_forward
exit 0*/5 * * * * root /usr/abills/libexec/billd -all
1 0 * * * root /usr/abills/libexec/periodic daily
1 0 1 * * root /usr/abills/libexec/periodic monthly
#backup
1 3 * * * root /usr/abills/libexec/periodic backup
The username / password abills / abills can be changed later.
Default. NAS, user and tariff has already been created. We will change according to our conditions.
We go System->
Ip Access Server we write 127.0.0.1
Choose the type pppd: pppd + Radius
Alive (sec.): 120
RADIUS Parameters (,): Acct-Interim-Interval = 60
Now add the IP POOLs:
set 192.168.160.2-192.168. 160.254
We set up tariff groups:
/ System / Internet / Tariff plans / Groups /
added: unlimited, GID: 0
Go to / System / Internet / Tariff plans /
#: 1
Name: “unlimited”
Group: “1: unlimited”
Daily а / n: 10
add
Determine the speed:
/ System / Internet / Tariff plans /
click on, the selected rate "Intervals"
click the add button, then
enter the traffic speed, add.
Now we get the user:
/ Clients / Logins / Internet / Users Add /
create a client: password, login, name, credit. And immediately you can put money into the account.
The main thing here is to first create tariff groups, and then the tariffs themselves. In addition, read on WiKi in detail about all the options. Usually they start yelling before they realize what the options mean.
Already not relevant, abillas pleases with its stability and flexibility, the rest is in your hands.
If you need to remove encryption, do this:
We remove the line “require-mppe-128” in the file / etc / ppp / pptpd-options This will give more stability to the VPN tunnels and relieve the CPU.
Screenshots of the result:
All thanks to address Nesmit'y from forum.ubuntu.ru =) I have nothing to do with it. He did this article, I just conveyed it to people, because on his behalf stubbornly did not allow this article to be published!))
Good luck! I am ready to listen to all questions, including malfunctions.