|
|
|
|
|
|
pptp client |
|
![](images/spacer.gif) |
![](images/spacer.gif) |
|
![](images/spacer.gif) |
![](images/spacer.gif) |
![](images/spacer.gif) |
documentation |
![](images/spacer.gif) |
![](images/spacer.gif) |
|
![](images/spacer.gif) |
![](images/spacer.gif) |
![](images/spacer.gif) |
team |
![](images/spacer.gif) |
![](images/spacer.gif) |
|
![](images/spacer.gif) |
![](images/spacer.gif) |
![](images/spacer.gif) |
![](images/spacer.gif) |
| |
PPTP Client
Gentoo HOWTO
By James Cameron, John Ross, & Edoardo Costa 29th February 2008
These are instructions for installing PPTP Client on Gentoo Linux.
Summary:
- use Linux kernel 2.6.15 or later,
- use pppd 2.4.2 or later, without MPPC, without patching,
Kernel
Install a kernel 2.6.15 or above, enabling cryptographic modules and the Microsoft Point-to-Point Encryption module.
# emerge -av sys-kernel/gentoo-sources
|
# make menuconfig
Cryptographic options --->
[*] Cryptographic API
[*] HMAC support
[M] MD5 digest algorithm
--- SHA1 digest algorithm
[M] SHA256 digest algorithm
[M] SHA384 and SHA512 digest algorithms
[M] DES and Triple DES EDE cipher algorithms
[M] ARC4 cipher algorithm
[M] Deflate compression algorithm
Device Drivers --->
Networking support --->
[*] PPP (point-to-point protocol) support
[*] PPP filtering
[M] PPP support for async serial ports
[M] PPP support for sync tty ports
[M] PPP Deflate compression
[M] PPP BSD-Compress compression
[M] PPP MPPE compression (encryption) (NEW)
|
pppd
# emerge -av net-dialup/ppp
|
pptp
# emerge -a net-dialup/pptpclient
|
Diagnosing Problems
If you have problems with the tunnel and need to ask for help, start
pppd with complete logging:
# script pptp.log
Script started, file is pptp.log
# pppd call tunnelname dump debug logfd 2 nodetach
# exit
Script done, file is pptp.log
|
where tunnelname is the name of the tunnel you created in the
configuration program. For more detail, see enabling debug logging.
This will give you a file pptp.log that you can use to search
for known solutions in the Diagnosis
HOWTO or attach to an e-mail to the mailing
list.
Configuration, by hand
- obtain from your PPTP Server administrator:
- the IP address or host name of the server ($SERVER),
- the name you wish to use to refer to the tunnel ($TUNNEL),
- the authentication domain name ($DOMAIN),
- the username you are to use ($USERNAME),
- the password you are to use ($PASSWORD),
- whether encryption is required.
In the steps below, substitute these values manually. For example,
where we write $PASSWORD we expect you to replace this with your
password.
- create or edit the /etc/ppp/options.pptp file, which sets
options common to all tunnels:
lock noauth nobsdcomp nodeflate
|
- create or add lines to the /etc/ppp/chap-secrets file,
which holds usernames and passwords:
$DOMAIN\\$USERNAME PPTP $PASSWORD *
|
Note: if you are using a PPTP Server that does not require an
authentication domain name, omit the slashes as well as the domain
name.
Note: if the passwords contain any special characters, quote them.
See man pppd for more details.
- create a /etc/ppp/peers/$TUNNEL file:
pty "pptp $SERVER --nolaunchpppd"
name $DOMAIN\\$USERNAME
remotename PPTP
require-mppe-128
file /etc/ppp/options.pptp
ipparam $TUNNEL
|
Note: if you do not need MPPE support, then remove the
require-mppe-128 option from this file and
/etc/ppp/options.pptp.
- start the tunnel using the pon command:
to further diagnose a failure, add options to the command:
pon $TUNNEL debug dump logfd 2 nodetach
|
Note: we have further information on enabling debug mode, and on diagnosing problems.
- stop the tunnel using the poff command:
- to script the tunnel connection so that something is done as soon
as the tunnel is up, use either ip-up.d scripts or the
updetach keyword.
- see the Routing HOWTO
for examples of ip-up.d scripting that adds routes or
iptables rules.
- using updetach will cause pppd to fork, detach,
and exit with success once the network link is up. This example
connects a provider link, then the tunnel, then runs
fetchmail to get new e-mail:
pon provider updetach && pon $TUNNEL updetach && fetchmail
|
Note: the double ampersand && means that the commands
following it will only be executed if the command to the left of it
was successful. If the tunnel fails to connect, the fetchmail will
not happen.
- to have the tunnel automatically restarted if it fails, add the option
persist to either the command line or the
/etc/ppp/peers/$TUNNEL file.
- to set up routing, read our Routing
HOWTO, or use Network Manager.
If you have comments on this document, please send them to the author
at quozl at laptop.org. But if you need help, use the mailing list so that we can share the
load.
Date | Change |
2008-02-29 |
Removal of pptpconfig per mailing list posting.
|
2006-01-27 |
Simplification thanks to Edoardo.
|
2006-01-04 |
Linux kernel 2.6.15 includes MPPE.
|
2005-02-21 |
Add link to forum posting referenced in mail.
|
2005-01-11 |
Simplification and standardisation by James Cameron.
|
2005-01-05 |
Update by John Ross to reflect current setup requirements for x86
Gentoo Base System version 1.4.16, kernel 2.6.9-gentoo-r13
|
2004-10-13 |
Simplification by Surakshan, new package name for pptpconfig.
|
2004-09-06 |
Simplification and update of emerge commands by Sander Rijken
|
2004-02-27 |
Clarification about PHP dependency and minor reorganisation by Surakshan
|
2003-12-12 |
Simplification by Surakshan.
|
2003-12-11 |
More contributions from Surakshan.
|
2003-12-08 |
First draft.
|
|