diff -Nur e-smith-base-5.8.0.old/root/etc/e-smith/db/configuration/defaults/vpn/access e-smith-base-5.8.0/root/etc/e-smith/db/configuration/defaults/vpn/access
--- e-smith-base-5.8.0.old/root/etc/e-smith/db/configuration/defaults/vpn/access 1969-12-31 19:00:00.000000000 -0500
+++ e-smith-base-5.8.0/root/etc/e-smith/db/configuration/defaults/vpn/access 2021-03-03 13:28:59.005000000 -0500
@@ -0,0 +1 @@
+public
diff -Nur e-smith-base-5.8.0.old/root/etc/e-smith/db/configuration/defaults/vpn/AccessDefault e-smith-base-5.8.0/root/etc/e-smith/db/configuration/defaults/vpn/AccessDefault
--- e-smith-base-5.8.0.old/root/etc/e-smith/db/configuration/defaults/vpn/AccessDefault 1969-12-31 19:00:00.000000000 -0500
+++ e-smith-base-5.8.0/root/etc/e-smith/db/configuration/defaults/vpn/AccessDefault 2021-03-03 13:29:19.905000000 -0500
@@ -0,0 +1 @@
+no
diff -Nur e-smith-base-5.8.0.old/root/etc/e-smith/db/configuration/defaults/vpn/sessions e-smith-base-5.8.0/root/etc/e-smith/db/configuration/defaults/vpn/sessions
--- e-smith-base-5.8.0.old/root/etc/e-smith/db/configuration/defaults/vpn/sessions 1969-12-31 19:00:00.000000000 -0500
+++ e-smith-base-5.8.0/root/etc/e-smith/db/configuration/defaults/vpn/sessions 2021-03-03 13:26:20.122000000 -0500
@@ -0,0 +1 @@
+0
diff -Nur e-smith-base-5.8.0.old/root/etc/e-smith/db/configuration/defaults/vpn/status e-smith-base-5.8.0/root/etc/e-smith/db/configuration/defaults/vpn/status
--- e-smith-base-5.8.0.old/root/etc/e-smith/db/configuration/defaults/vpn/status 1969-12-31 19:00:00.000000000 -0500
+++ e-smith-base-5.8.0/root/etc/e-smith/db/configuration/defaults/vpn/status 2021-03-03 13:25:24.290000000 -0500
@@ -0,0 +1 @@ +disabled diff -Nur e-smith-base-5.8.0.old/root/etc/e-smith/db/configuration/defaults/vpn/type e-smith-base-5.8.0/root/etc/e-smith/db/configuration/defaults/vpn/type --- e-smith-base-5.8.0.old/root/etc/e-smith/db/configuration/defaults/vpn/type 1969-12-31 19:00:00.000000000 -0500 +++ e-smith-base-5.8.0/root/etc/e-smith/db/configuration/defaults/vpn/type 2021-03-03 13:25:50.502000000 -0500 @@ -0,0 +1 @@ +configuration diff -Nur e-smith-base-5.8.0.old/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/remoteaccess e-smith-base-5.8.0/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/remoteaccess --- e-smith-base-5.8.0.old/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/remoteaccess 2016-02-04 18:14:13.000000000 -0500 +++ e-smith-base-5.8.0/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/remoteaccess 2021-03-03 15:12:34.138000000 -0500 @@ -48,8 +48,8 @@ Number of PPTP clients - NUMBER_OF_PPTP_CLIENTS_MUST_BE_LESSER_THAN_NUMBER_OF_IP_IN_DHCP_RANGE - The number of pptp clients is greater than the number of reserved IP for DHCP. You should take a smaller number. + NUMBER_OF_VPN_CLIENTS_MUST_BE_LESSER_THAN_NUMBER_OF_IP_IN_DHCP_RANGE + The number of VPN clients is greater than the number of reserved IP for DHCP. You should take a smaller number. LABEL_SSH_PORT @@ -124,6 +124,15 @@ + DESC_VPN +

VPN Settings

+ You can allow VPN access to your server. + You should leave this feature disabled by setting the value + to the number 0 unless you require VPN access. + ]]> +
+
+ VALUE_ZERO_OR_POSITIVE Value must be zero or a positive integer @@ -243,4 +252,8 @@ LABEL_IPSECRW_RESET Reset digital certificates + + DESC_IPSEC_VPN_UNAVAILABLE + IPSEC VPN is not installed. Please install the contrib if you need VPN access. + diff -Nur e-smith-base-5.8.0.old/root/etc/e-smith/tests/10e-smith-base/configuration.conf e-smith-base-5.8.0/root/etc/e-smith/tests/10e-smith-base/configuration.conf --- e-smith-base-5.8.0.old/root/etc/e-smith/tests/10e-smith-base/configuration.conf 2021-03-03 13:00:51.018000000 -0500 +++ e-smith-base-5.8.0/root/etc/e-smith/tests/10e-smith-base/configuration.conf 2021-03-03 15:12:44.565000000 -0500 @@ -84,7 +84,6 @@ pop3s=service|access|private|status|enabled popd=service|access|private|status|enabled pppoe=service|DemandIdleTime|no|InitscriptOrder|57|SynchronousPPP|no|status|disabled -pptpd=service|sessions|10|status|disabled qmail=service|InitscriptOrder|80|status|enabled random=service|InitscriptOrder|20|status|enabled scanner=service|ScannerFns|iscan|UpdateTime|1:14|scanMail|yes|status|enabled @@ -96,4 +95,5 @@ sync=service|Host|service.e-smith.com|LastId|0|SuccessId|0|SyncFrequency|1|SyncMinute|57|status|disabled rsyslog=service|InitscriptOrder|05|status|enabled telnet=service|access|private|status|disabled +vpn=configuration|sessions|10|status|disabled wibble=42 diff -Nur e-smith-base-5.8.0.old/root/etc/e-smith/web/functions/remoteaccess e-smith-base-5.8.0/root/etc/e-smith/web/functions/remoteaccess --- e-smith-base-5.8.0.old/root/etc/e-smith/web/functions/remoteaccess 2021-03-03 13:00:51.242000000 -0500 +++ e-smith-base-5.8.0/root/etc/e-smith/web/functions/remoteaccess 2021-03-03 15:12:09.789000000 -0500 
@@ -60,6 +60,7 @@ ok ($ua->{form}->find_input('sshAccess'), 'Finding the sshAccess field'); ok ($ua->{form}->find_input('sshPermitRootLogin'), 'Finding the sshPermitRootLogin field'); ok ($ua->{form}->find_input('sshTCPPort'), 'Finding the sshTCPPort field'); +ok ($ua->{form}->find_input('vpnSessions'), 'Finding the vpnSessions field'); ok ($ua->{form}->find_input('sshPasswordAuthentication'), 'Finding the sshPasswordAuthentication field'); ok ($ua->{form}->find_input('FTPLimits'), 'Finding the FTPLimits field'); ok ($ua->{form}->find_input('TelnetAccess'), 'Finding the TelnetAccess field'); @@ -69,6 +70,7 @@ $ua->field('sshAccess' => 'public'); $ua->field('sshPermitRootLogin' => 'yes'); $ua->field('sshTCPPort' => '22'); + $ua->field('vpnSessions' => '10'); $ua->field('sshPasswordAuthentication' => 'yes'); $ua->field('FTPLimits' => 'normal'); $ua->field('TelnetAccess' => 'private'); @@ -94,6 +96,8 @@ is ($db->get('ftp')->prop('access'), 'private', "ftp access is private"); is ($db->get('ftp')->prop('accessLimits'), 'normal', "ftp access limits are normal"); + is ($db->get('vpn')->prop('sessions') ,'10', "Got the right session count for vpn"); + is ($db->get('vpn')->prop('status') ,'enabled', "vpn is enabled"); is ($db->get('telnet')->prop('access'), 'private', "Private telnet turned on"); } @@ -107,6 +111,12 @@ + + + DESC_VPN + + diff -Nur e-smith-base-5.8.0.old/root/etc/e-smith/web/functions/useraccounts e-smith-base-5.8.0/root/etc/e-smith/web/functions/useraccounts --- e-smith-base-5.8.0.old/root/etc/e-smith/web/functions/useraccounts 2021-03-03 13:00:51.243000000 -0500 +++ e-smith-base-5.8.0/root/etc/e-smith/web/functions/useraccounts 2021-03-03 15:11:52.696000000 -0500 @@ -211,6 +211,10 @@ > + + + 
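Review bot: The assertions added in the `@@ -94,6 +96,8 @@` hunk cover only the submission with `vpnSessions => '10'`, which ends with `status` set to `enabled`; nothing exercises the path that is meant to keep VPN off. A second submission with `$ua->field('vpnSessions' => '0');` followed by `is ($db->get('vpn')->prop('status'), 'disabled', "vpn is disabled");` would pin the disabled branch. A third case with a non-numeric value would show whether the panel rejects it before anything is written to the configuration database, which the code visible in this patch does not guarantee by itself.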
@@ -237,7 +241,7 @@ + 'no' => 'NO'" validation="nonblank" value="get_vpn_value()"> diff -Nur e-smith-base-5.8.0.old/root/usr/share/perl5/vendor_perl/esmith/console/configure.pm e-smith-base-5.8.0/root/usr/share/perl5/vendor_perl/esmith/console/configure.pm --- e-smith-base-5.8.0.old/root/usr/share/perl5/vendor_perl/esmith/console/configure.pm 2021-03-03 13:00:51.290000000 -0500 +++ e-smith-base-5.8.0/root/usr/share/perl5/vendor_perl/esmith/console/configure.pm 2021-03-03 15:12:22.456000000 -0500 @@ -1682,7 +1682,7 @@ ( title => gettext("Select end of DHCP host number range"), text => - gettext("Please enter the last host address in this range. If you are using the standard server defaults and have no particular preference, you should keep the default value. Think to add enough ip for pptp sessions."), + gettext("Please enter the last host address in this range. If you are using the standard server defaults and have no particular preference, you should keep the default value. Think to add enough ip for vpn sessions."), value => $serverEnd ); @@ -1692,11 +1692,11 @@ { if ( isValidIP($choice) ) { - # retrieve values to verifiy if ip_count > pptp_sessions + # retrieve values to verifiy if ip_count > vpn_sessions my $ip_start = unpack 'N', inet_aton($serverStart); my $ip_end = unpack 'N', inet_aton($choice); my $ip_count = $ip_end - $ip_start; - my $pptp_sessions = $db->get_prop('pptpd','sessions'); + my $vpn_sessions = $db->get_prop('vpn','sessions'); my $dhcp_net = ipv4_network($choice, $priv_mask); if ($dhcp_net eq $priv_net) @@ -1709,7 +1709,7 @@ if (cmpIP($serverStart, $choice) < 0) { if (((cmpIP($priv_ip, $serverStart) < 0) || - (cmpIP($choice, $priv_ip) < 0)) && ($ip_count > $pptp_sessions)) + (cmpIP($choice, $priv_ip) < 0)) && ($ip_count > $vpn_sessions)) { # need to check for valid range as well. unless ($choice eq $serverEnd) 
@@ -1718,12 +1718,12 @@ } goto DNS_FORWARDER; } - # We want to verify that the number of pptp_IP reserved is not superior + # We want to verify that the number of vpn_IP reserved is not superior # than the number of dhcp_IP set in the range - elsif ($ip_count <= $pptp_sessions) + elsif ($ip_count <= $vpn_sessions) { - $errmsg = gettext("There is not enough IP in the range to include all your pptp sessions"); - $choice = $pptp_sessions . ' allowed pptp clients'; + $errmsg = gettext("There is not enough IP in the range to include all your vpn sessions"); + $choice = $vpn_sessions . ' allowed vpn clients'; } else { diff -Nur e-smith-base-5.8.0.old/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/remoteaccess.pm e-smith-base-5.8.0/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/remoteaccess.pm --- e-smith-base-5.8.0.old/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/remoteaccess.pm 2021-03-03 13:00:51.243000000 -0500 +++ e-smith-base-5.8.0/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/remoteaccess.pm 2021-03-03 15:11:40.938000000 -0500 @@ -43,6 +43,7 @@ validate_network_and_mask ip_number_or_blank subnet_mask_or_blank show_telnet_section get_serial_console show_ftp_section get_ipsecrw_sessions show_ipsecrw_section + get_vpn_sessions ); @@ -143,6 +144,23 @@ return ($access eq 'public') ? 'normal' : 'private'; } +=head2 get_vpn_sessions + +Get the # of vpn sessions defined in the sessions property of the generik vpn config file variable + +=cut + + sub get_vpn_sessions { + my $status = get_prop('','vpn','status'); + if (defined($status) && ($status eq 'enabled')) { + + return(get_prop('','vpn','sessions') || '0'); + } + else { + return('0'); + } +} + =head2 get_ssh_permit_root_login returns 'yes' or 'no' depending on whether ssh permit root login is enabled 
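Review bot: The POD added for `get_vpn_sessions` does not say that the sub returns `'0'` whenever the `vpn` `status` property is anything other than `enabled`, regardless of the stored `sessions` value, and "generik" is a typo. Suggested wording: `Returns the sessions property of the vpn configuration record, or '0' when the vpn status is not 'enabled' or the property is unset.` The `sub get_vpn_sessions {` line also appears to carry a stray leading space that the neighbouring subs do not have.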
@@ -355,13 +373,13 @@ =pod -=head2 pptp_and_dhcp_range +=head2 vpn_and_dhcp_range -Validate the input of pptp session if it is not superior than the maximum number of ip between dhcpd_start and dhcpd_end +Validate the input of vpn session if it is not superior than the maximum number of ip between dhcpd_start and dhcpd_end =cut -sub pptp_and_dhcp_range +sub vpn_and_dhcp_range { my $self = shift; my $val = shift || 0; @@ -375,7 +393,7 @@ my $ip_end = unpack 'N', inet_aton($dhcp_end); my $ip_count = $ip_end - $ip_start; return 'OK' if( $val < $ip_count ); - return $self->localise('NUMBER_OF_PPTP_CLIENTS_MUST_BE_LESSER_THAN_NUMBER_OF_IP_IN_DHCP_RANGE'); + return $self->localise('NUMBER_OF_VPN_CLIENTS_MUST_BE_LESSER_THAN_NUMBER_OF_IP_IN_DHCP_RANGE'); } else { @@ -646,6 +664,7 @@ my $sshTCPPort = ($q->param ('sshTCPPort') || '22'); my $ftplogin = ($q->param ('FTPPasswordLogin') || 'private'); my $ftpaccess = ($q->param ('FTPAccess') || 'off'); + my $vpnSessions = ($q->param ('vpnSessions') || '0'); # my $serialConsole = ($q->param ('serialConsole') || 'disabled'); #------------------------------------------------------------ @@ -697,6 +716,17 @@ } } + if ($vpnSessions == 0) + { + $db->get('vpn')->set_prop('sessions', $vpnSessions); + $db->get('vpn')->set_prop('status', 'disabled'); + } + else + { + $db->get('vpn')->set_prop('status', 'enabled'); + $db->get('vpn')->set_prop('sessions', $vpnSessions); + } + # REMOVED by markk, May 16 2005 - see DPAR MN00084537 # $rec = $db->get('serial-console'); 
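Review bot: `$vpnSessions` is taken directly from `$q->param ('vpnSessions')` in the `@@ -646,6 +664,7 @@` hunk and then, in the `@@ -697,6 +716,17 @@` hunk, compared with `== 0` and written with `set_prop('sessions', $vpnSessions)` with no check in the visible code that it is a non-negative integer. A string that merely starts with a non-zero digit takes the `else` branch, so the raw text is stored and the status flips to `enabled`; the form-level validation for this field is not visible in the patch, so the handler should not depend on it. Normalise before the comparison, for example `$vpnSessions = 0 unless $vpnSessions =~ /\A\d+\z/;`, or return an error for anything that fails that pattern. It would also be safer to fetch the record once with `my $vpn = $db->get('vpn');` and handle the case where it is missing, since both branches call `set_prop` on the result unconditionally. The enclosing sub starts and ends outside these hunks.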
@@ -761,7 +791,7 @@ my $q = $self->cgi; # Don't show ipsecrw setting unless the status property exists - return '' unless ($db->get('ipsec') + return $self->localise('DESC_IPSEC_VPN_UNAVAILABLE') unless ($db->get('ipsec') && $db->get('ipsec')->prop('RoadWarriorStatus')); print $q->Tr( diff -Nur e-smith-base-5.8.0.old/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/useraccounts.pm e-smith-base-5.8.0/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/useraccounts.pm --- e-smith-base-5.8.0.old/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/useraccounts.pm 2021-03-03 13:00:51.244000000 -0500 +++ e-smith-base-5.8.0/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/useraccounts.pm 2021-03-03 15:10:48.081000000 -0500 @@ -51,6 +51,7 @@ reset_password check_password print_save_or_add_button + get_vpn_value print_ipsec_client_section get_prop @@ -285,7 +286,10 @@ ($rec ? ($rec->prop('EmailForward')) : 'local'); my $fwd = $cgi->param('ForwardAddress') ? $cgi->param('ForwardAddress') : - ($rec ? ($rec->prop('ForwardAddress')) : ''); + ($rec ? ($rec->prop('ForwardAddress')) : ''); + my $vpn = $cgi->param('VPNClientAccess') ? + $cgi->param('VPNClientAccess') : + ($rec ? ($rec->prop('VPNClientAccess')) : get_vpn_value() ); # now that we're down with the 411, let's set the values $cgi->param(-name=>'FirstName', -value=>$fn); $cgi->param(-name=>'LastName', -value=>$ln); @@ -296,6 +300,7 @@ $cgi->param(-name=>'Phone', -value=>$phone); $cgi->param(-name=>'EmailForward', -value=>$emf); $cgi->param(-name=>'ForwardAddress', -value=>$fwd); + $cgi->param(-name=>'VPNClientAccess', -value=>$vpn); } else { print qq( 
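Review bot: The comment kept above the changed line in the `@@ -761,7 +791,7 @@` hunk, `# Don't show ipsecrw setting unless the status property exists`, no longer matches the code, which now returns the localised `DESC_IPSEC_VPN_UNAVAILABLE` text in that case. Something like `# Show a "not installed" notice instead of the ipsecrw setting unless the RoadWarriorStatus property exists` would describe it. The other path of this sub emits its output with `print $q->Tr(`, so it is worth confirming that the caller actually renders a returned string here; that is not visible in the hunk, and the sub continues past it.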
@@ -461,6 +466,18 @@ return $configdb->get('ldap')->prop($CGIParam2DBfield{$field}); } +=head2 get_vpn_value() + +Routine to display default value for VPN + +=cut + +sub get_vpn_value +{ + my $vpn = $configdb->get('vpn') || return 'no'; + return $configdb->get('vpn')->prop('AccessDefault') || 'no'; +} + =head1 VALIDATION ROUTINES =head2 pseudonym_clash @@ -718,8 +735,9 @@ 'Street' => $self->{cgi}->param('Street'), 'EmailForward' => $self->{cgi}->param('EmailForward'), 'ForwardAddress' => $self->{cgi}->param('ForwardAddress'), - 'VPNClientAccess'=> $self->{cgi}->param('VPNClientAccess'), + # 'VPNClientAccess'=> $self->{cgi}->param('VPNClientAccess'), ); + $newProperties{'VPNClientAccess'} = $self->{cgi}->param('VPNClientAccess') if defined $self->{cgi}->param('VPNClientAccess'); $acct->merge_props(%newProperties);
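Review bot: In `get_vpn_value` the lexical `$vpn` is assigned but never used, and the `vpn` record is looked up a second time on the next line. Reading it once is clearer: `my $vpn = $configdb->get('vpn') or return 'no';` then `return $vpn->prop('AccessDefault') || 'no';`. The POD says the routine displays the default, whereas it returns the `AccessDefault` property of the `vpn` record with a fallback of `'no'`. That is worth stating, because the value is used elsewhere in this patch as the initial `VPNClientAccess` for a new account. Returning `'yes'` only when the property is exactly `yes` would keep any unexpected stored value on the closed side.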
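Review bot: In the `@@ -718,8 +735,9 @@` hunk, `VPNClientAccess` is copied from the request into the account record after only a `defined` check, so whatever string the client submits is persisted as that user's VPN permission. The form field touched by this patch carries `validation="nonblank"`, which does not limit the value to the offered options. The handler should accept only the expected values, e.g. `my $vpn_access = $self->{cgi}->param('VPNClientAccess');` followed by `$newProperties{'VPNClientAccess'} = $vpn_access if defined $vpn_access && $vpn_access =~ /\A(?:yes|no)\z/;`. The commented-out `# 'VPNClientAccess'=> ...` entry left inside the hash can be deleted rather than kept as dead code. The enclosing sub is only partly visible in the hunk.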