Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in

  FAQ | Search | Memberlist | Usergroups | Statistics | Profile | Log in to check your private messages | Log in | Register

Get basic VPN working using ppp and pptp
 View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Documentation, Tips & Tricks
View previous topic :: View next topic  
Author Message
dabooty
Guru
Guru


Joined: 15 May 2003
Posts: 482
Location: Belgium
PostPosted: Wed Jun 25, 2003 4:38 pm    Post subject: Get basic VPN working using ppp and pptp Reply with quote
Hi, i have noticed a lot of questions around here and other places asking how to get vpn working, so i figured i might post my experiences here

note: the title of my post includes basic VPN because my vpn server doesn't require mppe (Microsoft Point-to-Point Encryption), if your's does it's getting a little harder but a google search (of following posts i hope) will solve that too.

first of all, you need the ppp and pptp-client packages so you do a
Code:
 emerge  ppp pptpclient


next you need to configure a tunnel for your connection (mine is named after the company it connects to).
You can configure these tunnels in 2 ways
Code:
a) execute "/usr/sbin/pptp-command" and work your way through a menu driven setup to add tunnels
b) create a file /etc/ppp/peers/tunnelname and insert your settings in the file


i will describe how to edit the file yourself here, because it's easy to get through the menu's having an example config file

if you create a tunnel file /etc/ppp/peers/tunnelname it should at least contain this:
Code:

# PPTP Tunnel configuration for tunnel tunnelname
# Server IP: server.ip.or.dns
#
                                                                               
# Tags for CHAP secret selection
#
name domainname\\username
remotename rtrvpn

- note that you have to escape the \ between the domainname and username by making it \\
- the remotename can be chosen whatever you want
- remotename and username must mach a set defined in /etc/ppp/chap-secrets

The chap-secrets file should contain the login information for you vpn-server as defined in the tunnel configuration, and the password
Code:
# Secrets for authentication using CHAP
# client        server  secret                  IP addresses
domainname\\username rtrvpn  password


now your connection information is set up, and you can try to make a vpn connection using this tunnel by executing
Code:
/usr/sbin/pptp-command start tunnelname

this should give you a message indicating that the connection is succesful and telling you the ip you got for your vpn network
Code:
All routes added.
Tunnel tunnelname is active on ppp0.  IP Address: 10.1.100.190


At this point you are connected to your vpn server using the pptp network interface.
To test this you have to find out the ip of the dialin server, and ping it as follows
Code:
 (find out ip of dialin server)
ifconfig ppp0 | grep inet
          inet addr:10.1.100.190  P-t-P:10.1.100.14  Mask:255.255.255.255
where the p-t-p gives you the ip of the dial-in server. Now you can try to ping it
ping 10.1.100.14
PING 10.1.100.14 (10.1.100.14): 56 octets data
64 octets from 10.1.100.14: icmp_seq=0 ttl=128 time=43.3 ms
64 octets from 10.1.100.14: icmp_seq=1 ttl=128 time=50.2 ms


this means we are succesfully connected to the dial-in server, so all we have to do now is add a routing table so the traffic for the vpn network gets routed over ppp0 instead of eth0 by executing this command:
Code:
route add -net 10.1.100.0 netmask 255.255.255.0 dev ppp0


after this you should be able to ping or traceroute every ip on the vpn network, which means it's working correctly
_________________
registered user #284425
get yourself counted
http://counter.li.org
------
#emerge -pv solves a lot of questions beforehand

Last edited by dabooty on Thu Jun 26, 2003 10:03 am; edited 1 time in total
Back to top
View user's profile Send private message
cato`
Guru
Guru


Joined: 03 Jun 2002
Posts: 430
Location: Norway, Trondheim
PostPosted: Wed Jun 25, 2003 10:49 pm    Post subject: Reply with quote
And maybe this thread is interesting.
Back to top
View user's profile Send private message
jslaughter
n00b
n00b


Joined: 20 Feb 2003
Posts: 20
Location: Toronto (Canada)
PostPosted: Wed Oct 15, 2003 2:48 pm    Post subject: Reply with quote
Hey dabooty,

I know you posted this a while ago, but I needed to get a PPTP connection set up to my work this morning from my Gentoo box and stumbled across your article. The instructions worked like a charm! Thanks a lot for the help!

A few notes: in my case, the CHAP secret was not domainname\\username, but just username ("jslaughter" in my case). This is probably because it's not part of an NT domain -- my work is a UNIX shop ;).

Also, the route can be added inside of pptp-command. In my case, my route was:

route add -net 10.0.0.0 netmask 255.255.0.0 dev TUNNEL_DEV

TUNNEL_DEV is a variable that's understoood by pptp-command.

For me I didn't even need to edit /etc/ppp/peers/tunnelname. pptp-command did everything. All I had to do was add a CHAP secret, add a tunnel, and then type :

/usr/sbin/pptp-command start tunnelname

Thanks again for the tip!

Jason
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Documentation, Tips & Tricks All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



 Links: forums.gentoo.org | www.gentoo.org | bugs.gentoo.org | wiki.gentoo.org | forum-mods@gentoo.org

Copyright 2001-2024 Gentoo Foundation, Inc. Designed by Kyle Manna © 2003; Style derived from original subSilver theme. | Hosting by Gossamer Threads Inc. © | Powered by phpBB 2.0.23-gentoo-p11 © 2001, 2002 phpBB Group
Privacy Policy