Name:
Location: CA, United States

My dream is to dramatically improve math education throughout the world.

Wednesday, August 10, 2011

Notes for pptp-linux

Today on an outdated version of Ubuntu, which I neglected to update to the point that I cannot update it anymore or upgrade it, I was able to successfully install pptp-linux, allowing me to pptp into our office server. With a newer version of Ubuntu, I would have been able to simply go to System -> Preferences -> Network Configuration and add a VPN client. Overcoming the fact this was not an option was not an easy feat, so here are my notes so I don't forget:

Step 1 - Google search for pptp linux source code
Result was this page: http://pptpclient.sourceforge.net/cvs.phtml
Which led me to this command to download the source code:
cvs -z9 -d :pserver:anonymous@pptpclient.cvs.sourceforge.net:/cvsroot/pptpclient checkout pptp-linux

After running make and make install successfully, I now needed to configure pptp to actually work. pppd was already installed on my machine, which was a prereq for running make.

I used the following page to help me configure the pptp client:
http://pptpclient.sourceforge.net/howto-debian.phtml#configure_by_hand

I followed all
  1. create or edit the /etc/ppp/options.pptp file, which sets options common to all tunnels:

    lock noauth nobsdcomp nodeflate

  2. create or add lines to the /etc/ppp/chap-secrets file, which holds usernames and passwords:

    $DOMAIN\\$USERNAME PPTP $PASSWORD *

    Note: if you are using a PPTP Server that does not require an authentication domain name, omit the slashes as well as the domain name. (I did not include $domain. My entry looked like this: username PPTP "[mypassword]" *. I used one tab between each field.)

    Note: if the passwords contain any special characters, quote them. See man pppd for more details.

  3. create a /etc/ppp/peers/$TUNNEL file:

    pty "pptp $SERVER --nolaunchpppd"
    name $DOMAIN\\$USERNAME
    remotename PPTP
    require-mppe-128
    file /etc/ppp/options.pptp
    ipparam $TUNNEL

    Note: if you do not need MPPE support, then remove the require-mppe-128 option from this file and /etc/ppp/options.pptp. (I followed the thing above exactly. The $TUNNEL file can be any name you give it. Later when you run pon, you will supply the same filename you supplied for $TUNNEL. Also, you can't easily cd to the peers directly. Just sudo and directly create the file.)

  4. start the tunnel using the pon command:

    pon $TUNNEL

    to further diagnose a failure, add options to the command:

    pon $TUNNEL debug dump logfd 2 nodetach

    Note: we have further information on enabling debug mode, and on diagnosing problems. (I found this line for debugging very useful. On ubuntu, of course, I had to sudo this command)

  5. stop the tunnel using the poff command:

    poff $TUNNEL
By following those directions, I was able to get a mostly valid PPTP connection. However, I was only able to access the server that hosted my PPTP service. In order to gain access to the rest of the network, I had to figure out one more thing, which took A LONG TIME because I needed time to learn from forum posts and other resources.

To get to the rest of the network, edit these files:
/etc/ppp/ip-up
Add this line to the bottom of the file:
route add default dev $1

/etc/ppp/ip-down
Add this line to the bottom of the file:
route del default dev $1

Voila! It worked! Now when I need to PPTP into my office, I just type sudo pon name-of-tunnel-file to get in, and sudo pon off to log off.

Finally, one small detail is that my network at home is set to a different subnet than the one in the office, which is a prerequisite. For example, if both the home LAN and office LAN relied on 192.168.1.x, I believe PPTP would not have worked properly.

0 Comments:

Post a Comment

<< Home