The FreeBSD Diary

The FreeBSD Diary (TM)

Providing practical examples since 1998

If you buy from Amazon USA, please support us by using this link.
[ HOME | TOPICS | INDEX | WEB RESOURCES | BOOKS | CONTRIBUTE | SEARCH | FEEDBACK | FAQ | FORUMS ]
Article Feedback - Stripping ^M from your files
 New Topic  |  Go to Top  |  Go to Topic  |  Search  |  Log In   Previous Message  |  Next Message 
 Re: PPTP Server
Author: Matt Cowger 
Date:   16-05-02 08:16

Hi...

I saw this and thought I'd post how I did it - getting PoPToP runnng as a VPN Server for Windows clients. I've gotten it running on FreeBSD
4.6-PRERELEASE, and thought I'd share with the group.

1. The first thing I did was of course cvsup my ports tree.
2. Next, cd to /usr/ports/net/poptop and run make all install clean
3. You will now need to edit a number of files to make this work:


----/usr/local/etc/pptpd.conf-------
speed 115200
option /etc/ppp/options

localip xxx.xxx.xxx.xxx
remoteip xxx.xxx.xxx.yy-zz
pidfile /var/run/pptpd.pid
------------------------------------

You will need to change the local and remote IP's to match your local configuration.
LocalIP should be an address in your subnet but not the address of your network interface(s).
RemoteIP should be a **range** in your subnet that the PPTP daemon can assign clients for addresses.

For example, if you're address on interface ep0 is 192.168.1.1, and your subnet mask is 255.255.255.0, localip should be something like 192.168.1.100 and remote ip should be something like 192.168.1.150-200 (written just like that). The PIDFile entry should be obvious.

You will also need to create a /etc/ppp/options file:

---/etc/ppp/options----
auth
proxyarp
pap
chap
---/etc/ppp/options----

Don't worry too much about what these mean, but auth, chap, and proxyarp NEED to be in there (look them up in man ppp for more info.

The last file you need is /etc/ppp/ppp.conf

---/etc/ppp/ppp.conf----
loop:
set timeout 0
set log phase chat connect lcp ipcp command
set device localhost:pptp
set dial
set login
# Server (local) IP address, Range for Clients, and Netmask
set ifaddr 192.168.1.100 192.168.1.150-192.168.1.200 255.255.255.255
set server /tmp/loop "" 0177

loop-in:
set timeout 0
set log phase lcp ipcp command
allow mode direct

pptp:
load loop
enable chap
enable pap
# Authenticate against /etc/passwd
enable passwdauth
# The next depends on your routing. Proxy arp is an easy way out
enable proxy
accept dns
# DNS Servers to assign client - replace with your own
set dns 1.1.1.1
set device !/etc/ppp/secure
---/etc/ppp/ppp.conf----

The file above basically needs to stay the way it is, but the line containing set ifaddr needs to have the same info as what you set in pptpd.conf. The first argument should be the value of localip, the second should be the same range as remoteip (just in a slightly different format - you gotta spell out the whole range this time) and the last needs to be 255.255.255.255

Now, start up the daemon with:

/usr/local/sbin/pptpd -d

The remaining setup need to be done on your windows machine. I am assuming you are using Windows XP here, but its pretty much the same as Windows 2000. Go to Start|Settings|Network Connections. Click the new connection wizard. You want to "Connect to the network at my workplace" or something along those lines - whichever one relates to VPNs. Click next. Choose Virtual Private Network Connection. Click Next. In the COmpany Name, type whatever you wish and hot next. The next box will ask you if it should dial your dialup connection before trying to start this one - choose whichever is appropriate and hit next. In the host name, you need to put the IP of your BSD box (the real routable address...dealing with NAT is another issue). The next screen asks who to make this connection for, choose whiever is appropriate. Next. Hit Finish.

Phew! Only a little more to go. Windows will now pop up the connection box for this connection. STOP! SLOW DOWN! DONT CONNECT YET. Breathe. Ok, Ready? Hit Properties. Under security, you need to *disable* "Require data encryption" THis is just a tunnel, not a IPSec encrypted connection. Click OK, and for your username and password enter your username and password on the BSD box. Life should be good.

Have fun with your new VPN.

 Reply To This Message  |  Forum List  |  Flat View   Newer Topic  |  Older Topic 

 Topics Author  Date
 PPTP Server   new
Matt 29-04-02 17:33 
 Re: PPTP Server   new
Lars 30-04-02 00:10 
 Re: PPTP Server   new
Dan Clark 30-04-02 14:48 
 Re: PPTP Server   new
Matt 30-04-02 22:54 
 Re: PPTP Server   new
Matt 30-04-02 22:56 
 Re: PPTP Server   new
Dan Clark 01-05-02 02:34 
 Re: PPTP Server   new
Dan Langille 02-05-02 07:33 
 Re: PPTP Server   new
Matt 03-05-02 06:01 
 Re: PPTP Server   new
Dan Langille 03-05-02 14:56 
 Re: PPTP Server   new
Jeff 05-05-02 07:51 
 Re: PPTP Server   new
Jeff 05-05-02 07:54 
 Re: PPTP Server   new
naim 13-05-02 05:57 
 Re: PPTP Server   new
Matt Cowger 16-05-02 08:16 
 Re: PPTP Server   new
Brad Tarver 01-04-04 21:46 
 Re: PPTP Server   new
Dan 01-04-04 21:52 
 Re: PPTP Server   new
Brad Tarver 01-04-04 22:00 
 Re: PPTP Server   new
Matt 23-05-02 23:07 
 Re: PPTP Server   new
Dom Bundy 06-09-02 01:32 
 Re: PPTP Server   new
Derek 16-09-02 18:50 
 Re: PPTP Server   new
ben 04-11-02 14:12 
 Re: PPTP Server   new
ben 03-12-02 05:28 
 Re: PPTP Server   new
MC 04-02-03 03:24 
 Re: PPTP Server   new
Brad Tarver 01-04-04 21:53 
 Re: PPTP Server   new
Omer Faruk Sen 03-04-04 20:12 
 Re: PPTP Server   new
virusok 21-12-04 05:42 
 Re: PPTP Server   new
Leigh Finch 04-01-05 06:08 


 Forum List  |  Need a Login? Register Here 
 User Login
 User Name:
 Password:
 Remember my login:
   
 Forgot Your Password?
Enter your email address or user name below and a new password will be sent to the email address associated with your profile.
How to get the most out of the forum

phorum.org