|
|
|
|
|
|
pptp client |
|
![](images/spacer.gif) |
![](images/spacer.gif) |
|
![](images/spacer.gif) |
![](images/spacer.gif) |
![](images/spacer.gif) |
documentation |
![](images/spacer.gif) |
![](images/spacer.gif) |
|
![](images/spacer.gif) |
![](images/spacer.gif) |
![](images/spacer.gif) |
team |
![](images/spacer.gif) |
![](images/spacer.gif) |
|
![](images/spacer.gif) |
![](images/spacer.gif) |
![](images/spacer.gif) |
![](images/spacer.gif) |
| |
PPTP Client
SUSE 9.2 HOWTO
by Ross Beveridge, James Cameron & Andrew Davis 30th March 2005
Introduction
With the default install, PPTP Client 1.5.0 and PPP 2.4.2 are
included, as packages pptp-1.5.0-2 and ppp-2.4.2-49 respectively. The
kernel has MPPE support already.
- remove the old pptp-php-gtk package if it was installed previously:
# rpm --erase pptp-php-gtk
|
- download the configuration program interpreter php-pcntl rpm
(mirror link)
and install it like this:
# rpm --install php-pcntl-4.3.9-2.i386.rpm |
- download the configuration program GTK+ interface php-gtk-pcntl rpm
(mirror link)
and install it like this:
# rpm --install --nodeps php-gtk-pcntl-1.0.1-2.i386.rpm |
Note: after installing this package, resolve the dependencies; run
YaST2, click (twice) on "ignore and risk system inconsistency"
for the usermode package dependency, click on the Accept
button and a list of the Automatic Changes will be shown.
Install these extra packages required by php-gtk-pcntl.
- download the configuration program pptpconfig rpm
(mirror link)
and install it like this:
# rpm --install --nodeps pptpconfig-20040722-4.noarch.rpm |
Failed Dependencies or Unresolved Requirements? |
We know
[1]
[2].
It is intentional. We're letting you use generic RPMs that are not
SUSE specific. That's why we say above to install the RPMs using the
--nodeps option. Please log a bug with SUSE to get them to
package the most recent versions, or if you are a packager yourself,
please join the mailing list and
contribute your packages to the project. You might also like to check
Paul
Howarth's PPTP Packages in case this has already been
solved. |
- if you are using SuSE firewall, you may either turn it off
by typing SuSEfirewall2 off, or reconfigure it as follows:
- open YaST,
- click on System which is on the left hand side,
- open the /etc/sysconfig Editor,
- click +Network then +Firewall then +SuSEfirewall2,
- add "1723" to FW_SERVICES_EXT_TCP,
- add "GRE" to FW_SERVICES_EXT_IP, FW_SERVICES_DMZ_IP,
FW_SERVICES_INT_IP and FW_SERVICES_QUICK_IP (we're not sure if all
four are required, it depends on where the server is in relation to
your client, as far as the network interfaces are concerned),
- click FINISH.
Note: the screen image above is an example, we have also selected
ssh for FW_SERVICES_EXT_TCP, but ssh is not required for
operation of the tunnel. The example demonstrates how to add
1723 to an already configured rule.
2005-03-30 | ![](images/spacer.gif) |
- run pptpconfig as
root (e.g. using kdesu), set up IP address of VPN and so forth
(see below for details), enable "all to tunnel" and hit start ...
2005-03-30 | ![](images/spacer.gif) |
- SuSE 9.2 ships with a ten minute idle connection timer
which affects PPTP tunnels. This is in their configuration file
/etc/ppp/options, where it says idle 600. You may either
change this file, or add idle 0 to the pppd options
section of pptpconfig.
2005-02-25 | ![](images/spacer.gif) |
Configuration
- obtain from your PPTP Server administrator:
- the IP address or host name of the server,
- the authentication domain name, (e.g. WORKGROUP),
- the username you are to use,
- the password you are to use,
- whether encryption is required.
- run pptpconfig.php as root, and a window should appear,
![](images/ss-1.png)
- enter the server, domain, username and password into the Server tab,
- if you decided in Installation step 1 above that you would need
MPPE, and if your administrator says encryption is required, then on
the Encryption tab, click on Require Microsoft
Point-to-Point Encryption (MPPE),
![](images/ss-4-encryption.png)
- click on Add, and the tunnel will appear in the list,
- click on the tunnel to select it, click on Start, and a
window will appear with the tunnel connection log and status,
- if the connection fails, you will need to gather more information,
so on the Miscellaneous tab, click on Enable connection
debugging facilities, click Update, try Start again,
then look at the Diagnosis HOWTO for
whatever error is displayed.
![](images/ss-5-misc.png)
- if the connection succeeded, you can try the Ping test
button. If the ping fails, you should try to find out why before
proceeding. If the ping works, then the tunnel is active and you may
now work on routing.
- decide whether all your network traffic should go via the tunnel
or not. If so, Stop the tunnel, select it again, then on the
Routing tab, click on All to Tunnel, then click
Update and try Start again. Now try to access the
network behind the server.
- on the other hand, if only some of your network traffic should go
via the tunnel, you will need to obtain from the server administrator
or folk lore a series of network routes to enter. Stop the
tunnel, select it again, then click on either Client to LAN or
LAN to LAN on the Routing tab, use the Edit Network
Routes button to enter the routes one by one, and then try
Start again. Now try to access the network behind the
server.
![](images/ss-2a-client-to-lan.png)
For further help with Routing, read our Routing
HOWTO.
If you have comments on this document, please send them to the author
at quozl at laptop.org. But if you need help, use the mailing list so that we can share the
load.
Date | Change |
2005-03-30 |
Added note about ssh thanks to tibi.
|
2005-02-25 |
Added comment from Clinton Gormley regarding the idle 600
option set by SuSE.
|
2005-02-01 |
Add procedure for opening firewall to allow tunnel, thanks to Brock
Steiner on the mailing list. Added comment that installed kernel
already has MPPE support.
|
2005-01-12 |
Rework following feedback from Ross Kendall. Removed pptp-php-gtk,
removed --nodeps for php-* packages, linked to hint to run as root.
|
2004-12-09 |
Fix heading. Thanks to Brock Steiner.
|
2004-11-16 |
First draft.
|
|