By James Cameron, John Ross, & Edoardo Costa
29th February 2008
These are instructions for installing PPTP Client on Gentoo Linux.
- use Linux kernel 2.6.15 or later,
- use pppd 2.4.2 or later, without MPPC, without patching,
Install a kernel 2.6.15 or above, enabling cryptographic modules and the Microsoft Point-to-Point Encryption module.
|# emerge -av sys-kernel/gentoo-sources
|# make menuconfig|
Cryptographic options --->
[*] Cryptographic API
[*] HMAC support
[M] MD5 digest algorithm
--- SHA1 digest algorithm
[M] SHA256 digest algorithm
[M] SHA384 and SHA512 digest algorithms
[M] DES and Triple DES EDE cipher algorithms
[M] ARC4 cipher algorithm
[M] Deflate compression algorithm
Device Drivers --->
Networking support --->
[*] PPP (point-to-point protocol) support
[*] PPP filtering
[M] PPP support for async serial ports
[M] PPP support for sync tty ports
[M] PPP Deflate compression
[M] PPP BSD-Compress compression
[M] PPP MPPE compression (encryption) (NEW)
|# emerge -av net-dialup/ppp
|# emerge -a net-dialup/pptpclient
If you have problems with the tunnel and need to ask for help, start
pppd with complete logging:
|# script pptp.log|
Script started, file is pptp.log
# pppd call tunnelname dump debug logfd 2 nodetach
Script done, file is pptp.log
where tunnelname is the name of the tunnel you created in the
configuration program. For more detail, see enabling debug logging.
This will give you a file pptp.log that you can use to search
for known solutions in the Diagnosis
HOWTO or attach to an e-mail to the mailing
Configuration, by hand
- obtain from your PPTP Server administrator:
- the IP address or host name of the server ($SERVER),
- the name you wish to use to refer to the tunnel ($TUNNEL),
- the authentication domain name ($DOMAIN),
- the username you are to use ($USERNAME),
- the password you are to use ($PASSWORD),
- whether encryption is required.
In the steps below, substitute these values manually. For example,
where we write $PASSWORD we expect you to replace this with your
- create or edit the /etc/ppp/options.pptp file, which sets
options common to all tunnels:
|lock noauth nobsdcomp nodeflate|
- create or add lines to the /etc/ppp/chap-secrets file,
which holds usernames and passwords:
|$DOMAIN\\$USERNAME PPTP $PASSWORD *|
Note: if you are using a PPTP Server that does not require an
authentication domain name, omit the slashes as well as the domain
Note: if the passwords contain any special characters, quote them.
See man pppd for more details.
- create a /etc/ppp/peers/$TUNNEL file:
|pty "pptp $SERVER --nolaunchpppd"|
Note: if you do not need MPPE support, then remove the
require-mppe-128 option from this file and
- start the tunnel using the pon command:
to further diagnose a failure, add options to the command:
|pon $TUNNEL debug dump logfd 2 nodetach
Note: we have further information on enabling debug mode, and on diagnosing problems.
- stop the tunnel using the poff command:
- to script the tunnel connection so that something is done as soon
as the tunnel is up, use either ip-up.d scripts or the
- see the Routing HOWTO
for examples of ip-up.d scripting that adds routes or
- using updetach will cause pppd to fork, detach,
and exit with success once the network link is up. This example
connects a provider link, then the tunnel, then runs
fetchmail to get new e-mail:
|pon provider updetach && pon $TUNNEL updetach && fetchmail
Note: the double ampersand && means that the commands
following it will only be executed if the command to the left of it
was successful. If the tunnel fails to connect, the fetchmail will
- to have the tunnel automatically restarted if it fails, add the option
persist to either the command line or the
- to set up routing, read our Routing
If you have comments on this document, please send them to the author
at james.cameron at hp.com. But if you need help, use the mailing list so that we can share the
Removal of pptpconfig per mailing list posting.
Simplification thanks to Edoardo.
Linux kernel 2.6.15 includes MPPE.
Add link to forum posting referenced in mail.
Simplification and standardisation by James Cameron.
Update by John Ross to reflect current setup requirements for x86
Gentoo Base System version 1.4.16, kernel 2.6.9-gentoo-r13
Simplification by Surakshan, new package name for pptpconfig.
Simplification and update of emerge commands by Sander Rijken
Clarification about PHP dependency and minor reorganisation by Surakshan
Simplification by Surakshan.
More contributions from Surakshan.