This plug-in enhances OpenVPN by adding user name and password authentication in addition. An eurephia user account is a combination of minimum one OpenVPN SSL certificate and a user name with a password assigned. It is also possible to setup several eurephia user names to use a shared OpenVPN certificate.

If too many failed log-ins is attempted, eurephia will also automatically blacklist IP addresses, certificates or user accounts, depending on how the allowed failed attempts thresholds is set. The user accounts and certificates can also be manually blocked, and upon the next authentication (also within active sessions) the user will be rejected immediately.

eurephia supports dynamic firewall updates per connection/session on an OpenVPN based router/firewall. This means that each user account may have their own restricted access profile to the network, and you can control the network access with great granularity. This is achieved by using predefined iptables chains, which is activated after the user is authenticated. Which predefined iptables chain to use, depends on how you have setup the access profile for the user accounts and certificates. For more in-depth information, have a look at the wiki pages.

All information is stored in a database and all changes to the accounts will be effective immediately. At the moment eurephia supports the SQLite database. A driver for PostgreSQL will come in version 1.1 and a MySQL driver is being planned, possibly ready for version 1.2. In the source code, you will also find a template for a database driver. Based on this template, it should not be too difficult to write an additional driver to other database engines.