OpenConnect VPN server (ocserv) is an Open Source SSL VPN server. for secure and scalable VPN infrastructure.
It is launched with the following settings
- 2 Device connections for each user (
max-same-clients=2) - Up to 32 clients (
max-clients=32) 10.10.10.0/24as the internal IP pool- Listens on port
443 - Tunnels DNS to the server
1- copy docker-compose.yml in your Server or clone project
2- Replace the <IPorDNS> variable in docker-compse.yml with appropriate value.
3- Uncommet & Edit volume related to certificate if use valid SSL
volumes:
- /etc/letsencrypt/live/<EXAMPLE.com>/fullchain.pem:/etc/ocserv/server-cert.pem
- /etc/letsencrypt/live/<EXAMPLE.com>/privkey.pem:/etc/ocserv/server-key.pem3- Run docker-compose up -d.
docker exec -it ocserv ash -c "ocuser create <username>"docker exec ocserv ash -c "ocuser delete <username>"docker exec ocserv ash -c "ocuser lock <username>"docker exec ocserv ash -c "ocuser unlock <username>"view ocpasswd file
docker exec ocserv cat /etc/ocserv/data/ocpasswd
you will need an SSL certificate, It's up to you how you would like to generate it or Use It
You need to have a domain pointing to your server IP address and ports 80 and 443 available to be listened to by the container for letsencrypt ACME challenge verification.
for mor info view this link ...
If you can't create one ( ports 80 and 443 are not available on your server, or you don't have a domain), a fallback script will generate a self-signed certificate for you inside the container. The only difference is a warning message about the certificate not being trusted when logging in.