PUQ Mautic

Business-VPN WHMCS module

The module is intended as an opportunity for IT companies to expand their offer for customers by offering paid VPN accounts. After installation, the module will fully manage the creation, edition, and suspension of VPN accounts and interact with the WHMCS billing system, exchanging data needed for settlements with customers, activations or service blocking.

Description

 Order now | Dowload | Forum

The Business VPN module provides an opportunity to sell the Virtual Private Network service for business clients.

The module is designed as a professional solution for companies and corporations, which enables remote access to company resources from anywhere in the world in a safe and monitored manner. The biggest difference from common VPN solutions such as NordVPN, EasyVPN etc. is the professional nature of the service.

 
What makes Business VPN different from regular, widely offered VPNs

The end customer of the service receives such opportunities as:

Thanks to our solution, the client does not have to delegate the company's resources to carry out this activity, but focus on the practical side of using it, thanks to which he saves money.

This model of operation allows IT departments in companies to configure in detail and securely internal Firewall, passing specific ports, detailed traffic monitoring, or to keep through internal IDS which is not possible when using commonly offered solutions.
Such a VPN becomes an integral part of the company's IT infrastructure and is ideally suited to the conditions of a given client.

 

Who and why needs such a service that this module provides.

The service offers to the end customer a fully fledged private network.

  1. The service combines all nodes that are connected via VPN into one private network. This allows you to communicate with each other from different physical locations. An example of use is, the remote work of the company's staff, having private remote access to each other.  Also, due to the fact that each connected VPN user will be presented on the Internet with the public address of the service, it is possible to configure access to the company's servers only from the IP address of the service. Thus restrict access only to everyone except users of the service.
  2. If your employees need to have access to some sites on the Internet and be represented by a public address of a certain geographic location, then this service allows you to implement it. The public address of the service is not changed during the entire time of using the service.
  3. Ability to connect network devices, such as measuring instruments, to the same network, creating remote access to network equipment.

 

Module Functions:

 

Functions of the client area:

 

 

image-1666078466132.png

image-1666078476954.png

image-1666078485836.png

image-1666078492087.png

image-1666078497807.png

image-1666078508021.png

image-1666078514739.png

 

 

 

Changelog

 Order now | Download | Forum
v1.1.5 Released 11-10-2023
  1. Supported WHMCS v8.8.0
  2. Translations added/updated (Arabic, Azerbaijani, Catalan, Chinese, Croatian, Czech, Danish, Dutch, English, Estonian, Farsi, French, German, Hebrew, Hungarian, Italian, Macedonian, Norwegian, Polish,  Romanian, Russian, Spanish, Swedish, Turkish, Ukrainian)

v1.1 Released 03-03-2023
  1. Support Mikrotik v7.8
  2. Support WHMCS v8.6
  3. Support IonCube PHP Loader v12 
  4. Support for PHP 8.1 and PHP 7.4
  5. Change in the way statistics are collected and cleaned
  6. Design change, icons added

v1.0 Released 20-10-2022

First version

Installation and configuration guide

Installation and configuration guide

Basic concepts and requirements

 Order now | Dowload | Forum
Requirements for the successful operation of the module

An IP address class must be reserved for the solution. Each end customer receives one IP address after activating the service.

 

Please refer to the basic mode of operation of the module to better understand its operation and functionality.

The basic logic of the module

During the creation of a service for the end client, the module does the following actions:

  1. Automatically selects a free public IP address from the server available in the settings. When choosing an available IP address, services in the terminated state are not taken into account, i.e. previously used IP. (Previously used IP addresses for services that have not been extended and have expired will be used to activate the service for the new client.)
  2. The module configures the selected public IP address on the network interface of the router.
  3. The module creates firewall rules such as:
    • NAT rules for accessing the Internet private network
    • Allowing firewall rules for communication between IP's of a private network
    • Block rules that block traffic between all other private networks.
Mikrotik management schema

 

 

Installation and configuration guide

1. WHMCS setup(install/update)

 Order now | Dowload | Forum

To install and update a module, you must perform one and the same action.

 
1. Download the latest version of the module.

PHP 8.1

wget http://download.puqcloud.com/WHMCS/servers/PUQ_WHMCS-Business-VPN/PUQ_WHMCS-Business-VPN-latest.zip

PHP 7.4

wget http://download.puqcloud.com/WHMCS/servers/PUQ_WHMCS-Business-VPN/php74/PUQ_WHMCS-Business-VPN-latest.zip

 

All versions are available via link: https://download.puqcloud.com/WHMCS/servers/PUQ_WHMCS-Business-VPN/

 
2. Unzip the archive with the module.
unzip PUQ_WHMCS-Business-VPN-latest.zip
 
3. Copy and Replace "puqBusinessVPN" from "PUQ_WHMCS-Business-VPN" to "WHMCS_WEB_DIR/modules/servers/"
Installation and configuration guide

2. Mikrotik preparation and configuration

 Order now | Download | Forum

 

Note: Enter the following commands one by one and wait for the command to complete.

I. Check RouterOS version

Make sure that the version of RouterOS is 7+

system/package/print 
 
II. Enabling HTTPS Create your own root CA on your router
/certificate
add name=LocalCA common-name=LocalCA key-usage=key-cert-sign,crl-sign
 
III. Sign the newly created CA certificate
/certificate
sign LocalCA
 
IV. Create a new certificate for Webfig (non-root certificate)

Note: as common-name=XXX.XXX.XXX.XXX You enter public IP adddress of the router.

/certificate
add name=Webfig common-name=XXX.XXX.XXX.XXX
 
V. Sign the newly created certificate for Webfig
/certificate
sign Webfig ca=LocalCA 
 
VI. Enable SSL (www-ssl) and specify to use the newly created certificate for Webfig
/ip service
set www-ssl certificate=Webfig disabled=no
 
VII. Enable api-ssl and specify to use the newly created certificate for Webfig
 /ip service 
 set api-ssl certificate=Webfig disabled=no 
 
VIII. Enable VPN server

To enable the VPN server

image-1666164439793.png

 

Installation and configuration guide

3. Add server (router Mikrotik) in WHMCS

 Order now | Dowload | Forum
Add a new server to the system WHMCS.

Login to Your WHMCS panel and create new server in WHMCS (System Settings->Products/Services->Servers)

image-1663142713076.png

System Settings->Servers->Add New Server

Name is just for Your convenience and You can put there anything You like ie: Mygreat mikrotik routr

You can choose whatever hostname You want. Valid entries look similar to: vpn.mydomain.com, ourgreatvpn.mydomain.net. You can also dedicate whole domain ie: myVPNservices.com if You like. The important  thing is to resolve the choosen IP address of the Mikrotik router in DNS server for Your domain.

 

The format in which you need to enter a list of public IP addresses and private subnets is as follows. 

To define the available pool of IP addresses, for each available IP number you should enter another line where the data is separated by the "|" separator. Each line with an IP number definition has the following structure:

<PUBLIC_IP>|<MASK_OF_ PUBLIC_NETWORK>|<PRIVATE_NETWORK>|<MASK_OF_PRIVATE_NETWORK>

image-1666084404668.png

Enter the correct data in the username and password field

image-1666084894938.png

 

Installation and configuration guide

4. Product Configuration

 Order now | Dowload | Forum
Add new product to WHMCS
System Settings->Products/Services->Create a New Product

In the Module settings section, select the "PUQ Business-VPN" module

image-1666343550750.png

VPN users settings
Mikrotik configuration
Basic settings

 

 

 

 

 

 

 

 

Client Area

Client Area

Home screen

 Order now | Dowload | Forum
Basic information on client panel page

 

VPN server: The VPN server address that is entered when creating a VPN connection for the end user

Dedicated IP:  The public IP address that is reserved for the service and through which all users of the VPN service will be represented on the Internet.

Private internal network:  Private subnet whose IP addresses are available to the client to create VPN accounts. When adding a new VPN account, it will be assigned an IP address from this internal pool of addresses.

VPN Protocols: VPN protocols that are available (by default you can easly enable two protocols in Mikrotik router: PPPtP i L2TP )

L2TP IPSec PSK key: In the case of L2TP, this is the encryption key

Number of VPN accounts:Number of used and available VPN client accounts from the pool available based on the defined package.

Bandwidtht download/upload:  The bandwidth rate that will be available on each VPN client account

Function buttons for service management.
List of VPN accounts with technical/dynamic data and also buttons Edit and Reset connections

image-1678182276050.png

 

 

 

 

Client Area

Add VPN account

 Order now | Dowload | Forum
This is how the page for adding a new VPN account looks like.

 

Each VPN account has a unique client ID, the ID is generated according to the scheme <user_id>-<service_id>-Manually entered value. <user_id>-<service_id> are generated automatically by module. You can modify manually the last part.

image-1678182542613.png

To create a new account, the client must enter the following.

Username, Password, Select an available IP address from the dropdown list. Then click the Add VPN account button.

Client Area

Edit VPN account

 Order now | Dowload | Forum
In order to edit a VPN account, you must click on the Edit button on the selected account.

image-1678182767487.png

 

You can edit the following parameters:

 

Also on the editing page there is an opportunity to delete a VPN account.
By pressing the DELETE button

image-1678182828345.png

Client Area

Statistics

 Order now | Dowload | Forum
The module provides visual online statistics of VPN accounts.

It is possible to select a specific data to display statistics.

Statistics are available for the last 60 days.

image-1666088806675.png

Admin Area

Admin Area

Product Home Screen

 Order now | Dowload | Forum
The main screen of the product contains the following items.

image-1666089005494.png