About
The Lundquist's Weblog, Yet another Blosxom weblog.
Jonathan & Nancy Lundquist
fluxsmith@fluxsmith.com
$calendar::calendar
Subscribe
Subscribe to a syndicated feed of my weblog,
brought to you by the wonders of RSS.
Flavours
There's more than one way to view this weblog; try these flavours on
for size.
Links
These are a few of my favourite links.
Wed, 17 Dec 2003
Linux VPN Server
I'm trying to figure out how to have Linux host VPN sessions for Windows
clients. I need to support both individual users and routable connections
from Windows Routing and RAS.
Easy - No encryption, No authentication (i.e. uselessly insecure):
Install and configure PPTPD, this will also install PPP if needed.
apt-get install pptpd
Edit /etc/pptpd.conf
speed 115200
option /etc/ppp/pptpd-options
localip 192.168.4.1 # IP for private NIC on VPN host
remoteip 192.168.4.65-96 # Range of IP's to assign VPN clients
Edit /etc/ppp/pptpd-options
name fire.fluxsmith.com
domain fluxsmith.com
noauth
ms-dns 192.168.4.1
netmask 255.255.255.0
noipx
nodefaultroute
proxyarp
lock
Set windows to PPTP VPN, no encryption required,
require secured password (which will be ignored by the server).
Use anything you want for credentials.
Only slightly more secure, no encryption, still not
suitable for the hostile world:
Change /etc/ppp/pptpd-options from noauth to auth.
Add a pair of lines to /etc/ppp/chap-secrets for each user
userid * password *
* userid password *
With encryption, as needed for real use:
This is not simple. First, you will have to rebuild your kernel using
patched sources. General guidance on kernel rebuilding is available
at http://www.debian.org/releases/stable/i386/ch-post-install.en.html#s-kernel-baking
After extracting the sources you will have to apply the patch provided
by the kernel-patch-mppe package.
If the patch and rebuild is successful then modprobe ppp_mppe should succeed.
You'll then want to add ppp_mppe to /etc/modules.
[/public/software/linux] permanent link