User input and configuration, as well as my comments, are in: blue text
Local machine
OS: Fedora Core 2 kernel-2.6.6-1.435.2.3
ppp: ppp-2.4.2-3.FC2.1
dkms: dkms-1.12-1
kernel-mppe: kernel_ppp_mppe-0.0.4-1dkms
pptp-linux: pptp-linux-1.5.0-2
LAN: 192.168.111.0/24
VPN Server
OS: RH7.3
PoPToP v1.1.4-b4
Internet IP: work.example.com
LAN IP: 192.168.122.200
Adding a new PPTP Tunnel
[root@triton root]# pptp-command
1.) start
2.) stop
3.) setup
4.) quit
What task would you like to do?: 3
1.) Manage CHAP secrets
2.) Manage PAP secrets
3.) List PPTP Tunnels
4.) Add a NEW PPTP Tunnel
5.) Delete a PPTP Tunnel
6.) Configure resolv.conf
7.) Select a default tunnel
8.) Quit
?: 4
1.) Other
Which configuration would you like to use?: 1
Tunnel Name: my_work_place
Server IP: work.example.com
What route(s) would you like to add when the tunnel comes up?
This is usually a route to your internal network behind the PPTP
server.
You can use substitution keywords as in /etc/pptp.d/ config
file
- TUNNEL_DEV is the tunnel interface.
- DEF_GW is the existing default gateway.
- IPLOCAL is the local IP address.
- IPREMOTE is the remote IP address.
The syntax to use is the same as the route(8) command.
Enter a blank line to stop.
route: add -net 192.168.122.0 netmask 255.255.255.0 TUNNEL_DEV
route:
Local Name and Remote Name should match a configured CHAP or PAP
secret.
Local Name is probably your NT domain\username.
NOTE: Any backslashes (\) must be doubled (\\).
Local Name: joeuser
Remote Name [PPTP]: PPTP
Adding my_work_place - work.example.com - joeuser - PPTP
Added tunnel my_work_place
1.) Manage CHAP secrets
2.) Manage PAP secrets
3.) List PPTP Tunnels
4.) Add a NEW PPTP Tunnel
5.) Delete a PPTP Tunnel
6.) Configure resolv.conf
7.) Select a default tunnel
8.) Quit
?:8
The above procedure created the file 'my_work_place' in /etc/ppp/peers/, which now must be modified.
The newly created file will have content similar to the following:
[root@triton peers]# cat my_work_place
#
# PPTP Tunnel configuration for tunnel my_work_place
# Server IP: work.example.com
# Route: add -net 192.168.122.0 netmask 255.255.255.0 TUNNEL_DEV
#
#
# Tags for CHAP secret selection
#
name joeuser
remotename PPTP
#
# Tunnel name for ip-up.local or ip-up.d scripts
#
ipparam my_work_place
#
# Include the main PPTP configuration file
#
file /etc/ppp/options.pptp
To which you must add the following lines:
pty "pptp work.example.com --nolaunchpppd "
require-mppe
(Substitute your VPN Server's IP in place of 'work.example.com' !!)
Adding username/password to chap-secrets...
[root@triton peers]# pptp-command
1.) start
2.) stop
3.) setup
4.) quit
What task would you like to do?: 3
1.) Manage CHAP secrets
2.) Manage PAP secrets
3.) List PPTP Tunnels
4.) Add a NEW PPTP Tunnel
5.) Delete a PPTP Tunnel
6.) Configure resolv.conf
7.) Select a default tunnel
8.) Quit
?: 1
1.) List CHAP secrets
2.) Add a New CHAP secret
3.) Delete a CHAP secret
4.) Quit
?: 2
Add a NEW CHAP secret.
NOTE: Any backslashes (\) must be doubled (\\).
Local Name:
This is the 'local' identifier for CHAP authentication.
NOTE: If the server is a Windows NT machine, the local name
should be your Windows NT username including domain.
For example:
domain\\username
Local Name: joeuser
Remote Name:
This is the 'remote' identifier for CHAP authentication.
In most cases, this can be left as the default. It must be
set if you have multiple CHAP secrets with the same local name
and different passwords. Just press ENTER to keep the default.
Remote Name [PPTP]: PPTP
Password:
This is the password or CHAP secret for the account specified.
The
password will not be echoed.
Password:
Adding secret joeuser PPTP password *
1.) List CHAP secrets
2.) Add a New CHAP secret
3.) Delete a CHAP secret
4.) Quit
?:
/etc/ppp/chap-secrets file now looks like this:
[root@triton ppp]# cat chap-secrets
# Secrets for authentication using CHAP
# client server secret IP addresses
joeuser PPTP secret_password *
[root@triton ppp]#
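An added example, not part of the original page or of pptp-command: a pre-flight check, run before starting the tunnel, that the peers file carries the two hand-added lines, that its name/remotename pair has a chap-secrets entry, and that chap-secrets (which holds the password in clear text) is not readable by group or other. The function names and the sample files it builds are constructed for this example.

```shell
#!/bin/sh
# Added example: pre-flight checks for the files edited above.
# Function names are made up for this example; not part of pptp-command.

# check_peer FILE: both hand-added lines must be present and uncommented.
check_peer() {
    rc=0
    grep -Eq '^[[:space:]]*pty[[:space:]]+"pptp[[:space:]].*--nolaunchpppd' "$1" ||
        { echo "$1: no pty \"pptp <server> --nolaunchpppd\" line"; rc=1; }
    grep -Eq '^[[:space:]]*require-mppe([[:space:]]|$)' "$1" ||
        { echo "$1: require-mppe not set in this file"; rc=1; }
    return $rc
}

# check_secret_match PEER SECRETS: the peer's name/remotename pair must
# appear as the client/server columns of a chap-secrets entry.
check_secret_match() {
    n=$(awk '$1=="name"{print $2; exit}' "$1")
    r=$(awk '$1=="remotename"{print $2; exit}' "$1")
    N="$n" R="$r" awk '$1==ENVIRON["N"] && $2==ENVIRON["R"]{f=1} END{exit !f}' "$2" ||
        { echo "$2: no secret for client '$n' server '$r'"; return 1; }
}

# check_secrets_mode FILE: the password is stored in clear text, so group
# and other must have no permission bits (e.g. mode 600).
check_secrets_mode() {
    [ "$(ls -ld "$1" | cut -c5-10)" = "------" ] ||
        { echo "$1: readable beyond owner, run: chmod 600 $1"; return 1; }
}

# make_samples DIR: constructed sample files modelled on the ones above.
make_samples() {
    printf '%s\n' 'name joeuser' 'remotename PPTP' 'ipparam my_work_place' \
        'file /etc/ppp/options.pptp' > "$1/peer_unedited"
    { cat "$1/peer_unedited"
      printf '%s\n' 'pty "pptp work.example.com --nolaunchpppd "' 'require-mppe'
    } > "$1/peer_edited"
    printf '%s\n' '# client server secret IP addresses' \
        'joeuser PPTP secret_password *' > "$1/chap-secrets"
    chmod 644 "$1/chap-secrets"
}

d=$(mktemp -d) && make_samples "$d"
check_peer "$d/peer_unedited" || echo "(unedited file fails, as expected)"
check_peer "$d/peer_edited" && echo "peer_edited: ok"
check_secret_match "$d/peer_edited" "$d/chap-secrets" && echo "secret: ok"
check_secrets_mode "$d/chap-secrets" || echo "(mode 644 fails, as expected)"
chmod 600 "$d/chap-secrets" && check_secrets_mode "$d/chap-secrets" && echo "mode: ok"
rm -rf "$d"
```

On the real system the same functions take /etc/ppp/peers/my_work_place and /etc/ppp/chap-secrets as arguments.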
Starting the PPTP tunnel connection...
[root@triton root]# pptp-command
1.) start
2.) stop
3.) setup
4.) quit
What task would you like to do?: 1
1.) my_work_place
Start a tunnel to which server?: 1
Using interface ppp0
Connect: ppp0 <--> /dev/pts/4
MPPE 128-bit stateless compression enabled
local IP address 192.168.122.201
remote IP address 192.168.122.200
pptp-command: added route add -net 192.168.122.0 netmask
255.255.255.0 dev ppp0
Tunnel my_work_place is active on ppp0. Local IP Address:
192.168.122.201
For configured tunnels you can use: pptp-command start
[root@triton root]# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.122.200 * 255.255.255.255 UH 0 0 0 ppp0
192.168.122.0 * 255.255.255.0 U 0 0 0 ppp0
192.168.111.0 * 255.255.255.0 U 0 0 0 eth0
169.254.0.0 * 255.255.0.0 U 0 0 0 eth0
default router.webb 0.0.0.0 UG 0 0 0 eth0
Stopping the PPTP tunnel connection...
[root@triton root]# pptp-command
1.) start
2.) stop
3.) setup
4.) quit
What task would you like to do?: 2
Sending HUP signal to PPTP processes...
Shortcut: pptp-command stop
Marty Diamond 2004
http://martywd.com/kernel-mppe/
marty at martywd dot com