Find the answer to your Linux question:
Results 1 to 7 of 7
i'm connecting to my network via vpn wan miniport(PPTP) how do I set up this connection? If u could explain it in details (I'm a begginer)... I'll be gratefull...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined! verdele_gruia's Avatar
    Join Date
    May 2006
    Location
    Romania
    Posts
    11

    vpn configuration


    i'm connecting to my network via vpn wan miniport(PPTP)

    how do I set up this connection?

    If u could explain it in details (I'm a begginer)... I'll be gratefull

  2. #2
    Just Joined!
    Join Date
    May 2006
    Posts
    3

    Exclamation keep on fight,...

    i have the same problem in setting vpn @ slackware,..it' will be much easier if using .rpm...but i am not finding yet the *.rpm packs for slackware....
    but it's more fun than using windows,,,...
    somebody help us pls,...

  3. #3
    Linux Enthusiast carlosponti's Avatar
    Join Date
    Dec 2004
    Location
    Oklahoma
    Posts
    560
    i havent tried yet to setup vpn because every site that gives information about pptp says you have to configure your kernel and my skills arent that great yet. but you dont really need an rpm with the appropriate software. start looking here http://pptpclient.sourceforge.net/
    Blog
    Registered Linux user 396557

  4. #4
    Just Joined! verdele_gruia's Avatar
    Join Date
    May 2006
    Location
    Romania
    Posts
    11
    Quote Originally Posted by carlosponti
    i havent tried yet to setup vpn because every site that gives information about pptp says you have to configure your kernel and my skills arent that great yet. but you dont really need an rpm with the appropriate software. start looking here http://pptpclient.sourceforge.net/




    says there that Linux kernel 2.6.15 the PPP MPPE encryption module. From what I've seen my kernel version is 2.4.31. How do I upgrade my kernell ?

  5. #5
    Linux Enthusiast carlosponti's Avatar
    Join Date
    Dec 2004
    Location
    Oklahoma
    Posts
    560
    i installed the 2.6 kernel when i installed slackware this last time. the 2.6 kernel is a bit different to upgrade so i hope someone can help you. on the CD there is a precompiled kernel but it is not a 2.6.15 just the 2.6.9 i think. those 2.6 kernel packages on the CD are easy to install.
    Blog
    Registered Linux user 396557

  6. #6
    Just Joined!
    Join Date
    May 2006
    Posts
    3

    Lightbulb taken from "linuxquestions.org"

    I just opened "linuxquestions.org" and I found a clear enough explanation how to set vpn@slackware,...but you have to know how to set /etc/ppp/cahp-secret and some basic skils in compiling,...
    If u have no idea 'bout compilin,...just "google-->search
    I hope it can help u,...
    --------------------------------------------------------------------------
    PPTP VPN on Slackware How-to
    Written by djbanaan - 2005-03-16 22:06

    This document describes how to set up a Point-to-Point tunneling protocol (PPTP)
    VPN server (and client) using Slackware Linux [www.slackware.com] and PoPToP
    [www.poptop.org]. PPTP - a Microsoft protocol - may not be the most advanced
    protocol for setting up VPN, but is relatively easy to set up and isn't as
    intrusive to your system as other VPN solutions such as OpenSwan. Another
    plus is that it is supported by nearly every Windows version in their default
    installation, making it a breeze for your clients to connect.

    A word of warning before getting started:

    MPPC, the compression protocol used for PPTP, is a patented technology.
    Therefore, it may be illegal in your country to use this technology without
    the consent of Hifn Inc (http://www.hifn.com/), the patent holder for MPPC.

    With the legal chit-chat out of way, let's get going!

    ************************************************** *
    Table of contents
    ************************************************** *
    ************************************************** *
    1. Requirements
    2. Installing and configuring the server end
    2.1 Installing MPPC/MPPE support in the kernel
    2.2 Installing poptop
    2.3 Configuring poptop
    2.3.1 Setting up IP-addressing
    2.3.2 Configuring the pptp daemon
    2.3.3 Adding users
    3 Installing and configuring the client end
    3.1 Installing the Linux pptp client
    3.2 Configuring the Linux pptp client
    ************************************************** *



    *****************
    1 Requirements
    *****************

    The installation of the PPTP server and client requires the following packages
    on your system:

    - Kernel sources
    - ppp (from the "n" series of packages)

    For the remainder of this document we are going to assume that your kernel sources
    are installed in /usr/src and that the ppp package installed is the default Slackware
    ppp package, which is already equipped with MPPE support.

    Apart from these requirements this document also assumes some basic knowledge of
    TCP/IP networking and familiarity with Linux kernel compilation.

    *********************************************
    2 Installing and configuring the server end
    *********************************************

    ************************************************
    2.1 Installing MPPC/MPPE support in the kernel
    ************************************************

    The first step is making sure that our kernel has support for MPPC/MPPE.
    The PoPToP project provides several methods for installing MPPC/MPPE support,
    but these are for older kernels. Therefore we are going to do things by hand
    using the MPPC/MPPE patch from http://www.polbox.com/h/hs001/

    Download the appropriate MPPE/MPPC patch for your kernel version from
    http://www.polbox.com/h/hs001/#AEN56 and place it in /usr/src.

    - Note 1 : The patch assumes the path of your kernel sources
    to be /usr/src/linux-$VERSION, but since /usr/src/linux is
    usually a symlink to this directory this should not be much of a problem.

    - Note 2 : If there is no patch for your kernel version, you can try
    downloading the patch with a version number closest to yours and
    making a symlink like this:

    ln -s /usr/src/linux-$MYVERSION /usr/src/linux-$MPPE-MPPC-PATCH-VERSION

    Apply the patch to your kernel sources:

    cd /usr/src
    zcat linux-$VERSION-mppe-mppc-1.3.patch.gz | patch -p0

    configure the kernel:

    cd /usr/src/linux
    make menuconfig
    in the kernel configuration menu go to Device drivers --> networking support
    make sure the configuration options for ppp look like this:

    [...]
    PPP (point-to-point protocol) support
    [ ] PPP multilink support (EXPERIMENTAL)[*] PPP filtering
    PPP support for async serial ports
    PPP support for sync tty ports
    PPP Deflate compression
    PPP BSD-Compress compression
    Microsoft PPP compression/encryption (MPPC/MPPE)
    [...]

    Next go to Cryptographic options in the kernel configuration menu and enable
    SHA1 and RC4 algorithms. Exit menuconfig and save your configuration.

    Compile your new kernel and modules. For this I use "make modules modules_install bzImage"
    and handle post compilation tasks by hand, but feel free to compile the new kernel in a way you feel comfortable with. Reboot your system and verify that your new kernel functions OK.

    Add the following lines to /etc/modules.conf:

    alias char-major-108 ppp_generic
    alias tty-ldisc-3 ppp_async
    alias tty-ldics-14 ppp_synctty
    alias ppp-compress-18 ppp_mppe_mppc
    alias ppp-compress-21 bsd_comp
    alias ppp-compress-24 ppp_deflate
    alias ppp-compress-26 ppp_deflate
    alias tty-ldisc-14 ppp_synctty

    This concludes the kernel part of the installation.

  7. #7
    Just Joined!
    Join Date
    May 2006
    Posts
    3
    ***********************
    2.2 Installing poptop
    ***********************

    Grab the latest stable pptpd sources from http://sourceforge.net/project/showf...group_id=44827

    compile and install pptpd:

    tar zxvf pptpd-$VERSION.tar.gz
    cd pptpd-$VERSION
    ./configure
    make
    su
    make install (or use checkinstall (available from "extra" series of packages) to generate a slackpack)

    ************************
    2.3 Configuring poptop
    ************************

    ********************************
    2.3.1 Setting up IP-addressing
    ********************************

    Now that we've got all the packages installed in the correct location we can start configuring poptop.

    First we are going to define an IP-address for the pptp server and IP-addresses to assign to our clients. We can chose to either assign a separate IP-address for the server to be used for every incoming connection, or we can use a single IP address to be used for each connection. In this example we will use a single IP address on the server end.

    In /etc/pptpd.conf add the following lines:

    localip 10.0.0.1
    remoteip 10.0.0.2-20

    This assigns the IP-address 10.0.0.1 to the pptp server, note that this ip-address does not get assigned to any of the physical interfaces on the server, it is used purely for virtual interfaces. You should, of course, use an IP-range appropriate for your subnet.

    The second line defines a range of ip-addresses to be assigned to clients.

    ***********************************
    2.3.2 Configuring the pptp daemon
    ***********************************

    With the IP-addressing sorted, we can move along to the configuration of our server. We are going to configure pptpd using the file /etc/ppp/options.pptpd. We have to make sure pptpd reads this file by adding the following line to /etc/pptpd.conf:

    option /etc/ppp/options.pptpd

    Next, add the following lines to /etc/ppp/options.pptpd:

    name pptpd
    ipparam PoPToP
    lock
    mtu 1490
    mru 1490
    ms-wins $YOUR WINS SERVER IP, IF APPLICABLE, GETS ASSIGNED TO WIN CLIENTS
    ms-dns $YOUR PRIMARY DNS SERVER, GETS ASSIGNED TO WIN CLIENTS
    ms-dns $YOUR SECONDARY DNS SERVER, GETS ASSIGNED TO WIN CLIENTS
    multilink
    proxyarp
    auth
    require-mschap
    require-mschap-v2
    ipcp-accept-local
    ipcp-accept-remote
    lcp-echo-failure 30
    lcp-echo-interval 5
    deflate 0
    require-mppe-128
    nopcomp
    noaccomp

    Remember to inspect the ms-wins and ms-dns options and assign the appropriate ip-addresses if necessary. ms-wins is only required if windows clients are going to access windows servers on the other end of the tunnel.

    Note that this configuration allows only 128 bit encryption, some versions of Windows need an 128-bit encryption pack installed for this to work. This pack is available from Microsoft.com. It is also possible to set the cypher strength to 40 bits:

    require-mppe-40

    This will allow any Windows client to connect, but it is, of course, inherently less secure.

    ********************
    2.3.3 Adding users
    ********************

    Next we are going to set up user accounts. There are several ways to authenticate users on the pptp server, including radius and Samba. In this how-to we'll stick to using ppp's chap-secrets file.

    Users are added to the file /etc/ppp/chap-secrets in the following manner:

    username pptp-server-name password ip-address

    So a valid user entry would look like this:

    joesixpack pptpd somepassword *

    This allows user "joesixpack" to authenticate with server "pptpd" using the password "somepassword". Once joesixpack is logged in and connection has been established, his machine will be assigned the first available ip-address as defined in the previous step. It is also possible to assign each user his or her own ip-address.

    Note that passwords containing special characters have to be quoted.

    We can now start the pptp daemon:

    /usr/sbin/pptpd

    You can now test your connection using a Windows machine. If you don't have a Windows machine for testing (hey, that's understandable ), read on through the next section to set up a pptp linux client.

    *********************************************
    3 Installing and configuring the client end
    *********************************************

    The client end has the same requirements as the server end. It requires the MPPE/MPPC patch to be applied to the kernel and also requires the ppp package to be installed. For instructions on applying the kernel patch, see section 2.1.

    **************************************
    3.1 Installing the Linux pptp client
    **************************************

    If all went well you should have an MPPE/MPPC enabled kernel. We can proceed with the installation of the pptp client. First, grab the sources from [http://pptpclient.sourceforge.net/#download]

    unpack the sources:

    tar zxvf pptp-linux-$VERSION.tar.gz

    compile the software and install the binaries:

    cd pptp-linux-$VERSION
    make
    su
    make install

    ***************************************
    3.2 Configuring the Linux pptp client
    ***************************************

    Create a file called /etc/ppp/options.pptp and put the following line in it:

    lock noauth nodeflate nobsdcomp

    Add the following line to /etc/ppp/chap-secrets:

    username pptpd password *

    Substitute username and password for the credentials you want to use to connect to the pptp server.

    Now create a file called /etc/ppp/peers/YOURTUNNELNAME, replacing YOURTUNNELNAME with whatever
    name you want to use to identify your tunnel. Place the following lines in this file:

    pty "pptp YOURPPTPSERVER --nolaunchpppd"
    name YOURUSERNAME
    mtu 1490
    mru 1490
    remotename pptpd
    require-mschap
    require-mschap-v2
    require-mppe-128
    file /etc/ppp/options.pptp
    ipparam YOURTUNNELNAME
    persist

    Where YOURPPTPSERVER is the address of the pptp server you want to connect to, YOURUSERNAME speaks for itself and YOURTUNNELNAME should be the same name as the file you just created in /etc/ppp/peers.

    There is one last detail to be handled, which is routing.

    To make sure our traffic gets routed to the other end of the tunnel, create a file called ip-up in /etc/ppp and add the following lines to this file:

    #!/bin/sh
    /sbin/route add -net REMOTE-NET-IP netmask REMOTE-NET-MASK dev ppp

    In which you have to replace the IP-address and the mask with those of the subnet on the other end of the tunnel. If there is no network on the other side, but just the pptp server, you can use -host instead of -net. When your done, save the file and make it executable:

    chmod +x /etc/ppp/ip-up

    Now that all is set up we can start the tunnel:

    pppd call YOURTUNNELNAME

    If all has gone well you should see something along the lines of:

    Mar 16 19:25:53 feike pppd[7319]: local IP address 10.0.0.5
    Mar 16 19:25:53 feike pppd[7319]: remote IP address 10.0.0.1

    in /var/log/messages and you should be able to ping across the tunnel.
    -------------------------------------------------------------------------
    Paris van Java/Indonesia

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •