==(Poptop) pptpd Server Setup==

Here's what I did to get Poptop pptpd (1.3.4) running on my Slackware (13.37) box.

1) Install the official Slackware ppp package using pkgtool or slackpkg.

2) Install the pptpd package from Slackbuilds.org using sbopkg.
***NOTE: The package name is NOT Poptop, it's pptpd***

3) Edit /etc/pptpd.conf

ADD:
localip 10.7.0.1
remoteip 10.7.0.2-50
CHANGE:
option /etc/ppp/options.pptpd -> option /etc/ppp/options

4) Edit /etc/ppp/options
HERE IS A GOTCHA: The official Slackware ppp package (at the time of this writing) contains an error in the options file. The pppd binary was compiled to look for the new ms-dns parameter, but the options file has the old dns-addr parameter.

CHANGE:
# dns-addr 192.168.1.1 -> ms-dns 8.8.8.8 (or whatever your DNS server is)

5) Edit the /etc/ppp/chap-secrets file.
For some reason, the default Slackware package has 4 example entries in it that are not commented (jacco,*,sam,*). Delete these. You don't want jacco or sam to have a free connection into your box...

ADD: one entry for each user you want to allow access.
Format is: CLIENT [tab] SERVER [tab] PASSWORD [tab] IP ADDRESS
Mine looks like this:

bob * "BobsPasswordIsStrong" *
sue * "FluffyBunnies92" *
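
The cleanup in step 5 can be checked mechanically. This is an added example, not part of the original page: a POSIX shell function (the name audit_chap_secrets and the finding labels are hypothetical) that flags the sample names jacco and sam, wildcard client entries, and lines with fewer than three fields. The sample file contents are constructed.

```shell
#!/bin/sh
# Added example (not from the original page): audit a pppd chap-secrets file.
# Assumptions: function names and finding labels are hypothetical; "jacco" and
# "sam" are the packaged sample names the page says to delete.

audit_chap_secrets() {
    # $1 = path to a chap-secrets file (default "-" reads standard input).
    # Prints one line per finding; returns 0 if clean, 1 if anything is flagged.
    awk '
        NF == 0 || $1 ~ /^#/ { next }        # skip blank lines and comments
        {
            client = $1; server = $2
            if (NF < 3) {
                printf "line %d: MALFORMED (need client, server, secret)\n", NR
                bad++
                next
            }
            if (client == "jacco" || client == "sam" ||
                server == "jacco" || server == "sam") {
                printf "line %d: SAMPLE entry (%s %s) still active\n", NR, client, server
                bad++
            } else if (client == "*") {
                printf "line %d: WILDCARD client, secret is not tied to a user\n", NR
                bad++
            }
        }
        END { exit (bad > 0) }
    ' "${1:--}"
}

# Constructed sample input: two leftover sample lines, one wildcard, two users.
sample_chap_secrets() {
    cat <<'EOF'
# client server secret IP addresses
jacco * "constructed-secret" *
* sam "constructed-secret"
* * "shared" *
bob * "BobsPasswordIsStrong" *
sue * "FluffyBunnies92" *
EOF
}

# Demo run on the constructed sample; on a real box pass /etc/ppp/chap-secrets.
sample_chap_secrets | audit_chap_secrets || true
```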

6) Finally, to start pptpd you would normally just execute 'pptpd &', but being that I'm a good Slacker, I wrote an rc.pptpd script.
Create /etc/rc.d/rc.pptpd
contents:
#!/bin/sh
#
# /etc/rc.d/rc.pptpd
#
# Start/stop/restart the pptpd server.
#
# To make PopTop start automatically at boot, make this
# file executable: chmod 755 /etc/rc.d/rc.pptpd
#

pptpd_start() {
  if [ -x /usr/sbin/pptpd ]; then
    echo "Starting PopTop pptpd: /usr/sbin/pptpd"
    /usr/sbin/pptpd &
  fi
}

pptpd_stop() {
  killall pptpd
}

pptpd_restart() {
  pptpd_stop
  sleep 2
  pptpd_start
}

case "$1" in
'start')
  pptpd_start
  ;;
'stop')
  pptpd_stop
  ;;
'restart')
  pptpd_restart
  ;;
*)
  # Default is "start", for backwards compatibility with previous
  # Slackware versions. This may change to a 'usage' error someday.
  pptpd_start
  ;;
esac

7) Make it executable (and auto-started at boot)

chmod 755 /etc/rc.d/rc.pptpd

To start it manually: /etc/rc.d/rc.pptpd start

To be useful, you next need to configure your firewall to forward and masquerade traffic from the VPN out to the world...

8) Edit/create: /etc/rc.d/rc.firewall

ADD:
iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i ppp+ -j ACCEPT
iptables -A FORWARD -o ppp+ -j ACCEPT
iptables -A FORWARD -j ACCEPT
iptables -t nat -A POSTROUTING -s 10.7.0.0/24 -o ppp+ -j MASQUERADE

Note that the fourth rule accepts all forwarded traffic on every interface, which makes the three rules above it redundant; leave it out if the box should forward only VPN traffic.

9) Make it executable

chmod 755 /etc/rc.d/rc.firewall

10) Flush the old firewall rules (forgetting to do this caused me all sorts of grief (Thanks mancha))

iptables -F

11) Execute the new firewall rules

/etc/rc.d/rc.firewall

If you and I haven't made any mistakes, you should now have pptp (server) and router working on your box.

==pptp Client Setup==

Needs to be added.