Difference between revisions of "Pptp"

From SlackWiki
m (ADDED: categories)
(Moved to PPPTP (Poptop))
 
[[Category:Server]]
 
[[Category:Networking]]
 
[[Category:Tutorials]]
 
  
==(Poptop) pptpd Server Setup==
 
 
Here's what I did to get Poptop pptpd (1.3.4) running on my Slackware (13.37) box.
 
 
1) Install the official Slackware ppp package using pkgtool or slackpkg.
 
 
2) Install the pptpd package from Slackbuilds.org using sbopkg.
 
***NOTE: The package name is NOT Poptop, it's pptpd***
 
 
3) Edit /etc/pptpd.conf
 
 
ADD:
 
localip 10.7.0.1
 
remoteip 10.7.0.2-50
 
CHANGE:
 
option /etc/ppp/options.pptpd -> option /etc/ppp/options
 
 
4) Edit /etc/ppp/options
 
HERE IS A GOTCHA: The official Slackware ppp package (at the time of this writing) contains an error in the options file. The pppd binary was compiled to look for the new ms-dns parameter but the options file has the old dns-addr parameter.
 
 
CHANGE:
 
# dns-addr 192.168.1.1 -> ms-dns 8.8.8.8 (or whatever your dns server is)
 
 
5) Edit the /etc/ppp/chap-secrets file.
 
For some reason, the default Slackware package has 4 example entries in it that are not commented out (jacco,*,sam,*). Delete these. You don't want jacco or sam to have a free connection into your box...
 
 
ADD: one entry for each user you want to allow access.
 
Format is: CLIENT [tab] SERVER [tab] PASSWORD [tab] IP ADDRESS
 
Mine looks like this:
 
 
bob * "BobsPasswordIsStrong" *
 
sue * "FluffyBunnies92" *
 
 
6) Finally, to start pptpd you would normally just execute 'pptpd &', but being that I'm a good Slacker, I wrote an rc.pptpd script.
 
Create /etc/rc.d/rc.pptpd
 
contents:
 
#!/bin/sh
#
# /etc/rc.d/rc.pptpd
#
# Start/stop/restart the pptpd server.
#
# To make PopTop start automatically at boot, make this
# file executable:  chmod 755 /etc/rc.d/rc.pptpd
#

# Start the daemon only if the binary is installed and executable.
pptpd_start() {
  if [ -x /usr/sbin/pptpd ]; then
    echo "Starting PopTop pptpd:  /usr/sbin/pptpd"
    /usr/sbin/pptpd &
  fi
}

# Stop every running pptpd process.
pptpd_stop() {
  killall pptpd
}

# Stop, give the processes time to exit, then start again.
pptpd_restart() {
  pptpd_stop
  sleep 2
  pptpd_start
}

case "$1" in
'start')
  pptpd_start
  ;;
'stop')
  pptpd_stop
  ;;
'restart')
  pptpd_restart
  ;;
*)
  # Default is "start", for backwards compatibility with previous
  # Slackware versions.  This may change to a 'usage' error someday.
  pptpd_start
  ;;
esac
 
 
 
7) Make it executable (and autobootable on start up)
 
 
chmod 755 /etc/rc.d/rc.pptpd
 
 
To start it manually- /etc/rc.d/rc.pptpd start
 
 
To be useful, you next need to configure your firewall to forward and masquerade traffic from the vpn out to the world...
 
 
8) Edit/create: /etc/rc.d/rc.firewall
 
 
ADD:
 
iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i ppp+ -j ACCEPT
iptables -A FORWARD -o ppp+ -j ACCEPT
iptables -A FORWARD -j ACCEPT
iptables -t nat -A POSTROUTING -s 10.7.0.0/24 -o ppp+ -j MASQUERADE
 
 
9) Make it executable
 
 
chmod 755 /etc/rc.d/rc.firewall
 
 
10) Flush the old firewall rules (forgetting to do this caused me all sorts of grief (Thanks mancha))
 
 
iptables -F
 
 
11) Execute the new firewall rules
 
 
/etc/rc.d/rc.firewall
 
 
If you and I haven't made any mistakes, you should now have pptp (server) and router working on your box.
 
 
==pptp Client Setup==
 
 
Needs to be added.
 

Latest revision as of 14:38, 30 August 2012