From: Muhammed SOYER (ms@ges.net.tr)
Date: Mon 18 Dec 2000 - 23:01:26 EET
Bende ugrasmis idim bu vpn olayi ile bir ara ..Kendim icin takip ettigim
dokumalar ile yari ingilizce yari turkce bir dokuman olusturmus idim isini
gorur umarim
Setting up the Linux PPTP Client
After spending multiple hours pulling out hair, digging through newsgroups,
etc., I finally have the Linux PPTP client up and running with a Microsoft
PPTP server. I wrote this documentation to hopefully save other people some
time. I am using RedHat 6.2, so you may have to adjust the instructions
according to your distro...
PPP (and MSCHAPv2/MPPE) Installation
Update PPP using Jeff Blaize's PoPToP (the Linux PPTP server)
instructions.(asagida) After step 5, make the following changes before
proceeding to step 6.
Open up /usr/src/ppp-2.3.8/linux/ppp.c and make the following change:
--- drivers/net/ppp.c~ Wed Apr 12 19:56:45 2000
+++ drivers/net/ppp.c Wed Apr 12 20:28:39 2000
@@ -2560,7 +2560,7 @@
wake_up_interruptible (&ppp->read_wait);
if (ppp->tty->fasync != NULL)
- kill_fasync (ppp->tty->fasync, SIGIO);
+ kill_fasync (ppp->tty->fasync, SIGIO, POLL_IN);
return 1;
}
Apparently, the kinstall script doesn't install the rc4.h and rc4_enc.h
files, but it will _update_ them if they already exist. The fix for me was
to copy them into the kernel build directory (/usr/src/linux/drivers/net)
before running kinstall.sh.
Note that the configuration files for the client are different. Sample
/etc/ppp/options file for using PPTP client:
lock
debug
noauth
mppe-40
mppe-128
mppe-stateless
You'll probably want to remove the debug option once everything is working.
Sample /etc/ppp/chap-secrets file:
# Secrets for authentication using CHAP
# client server secret IP addresses
jsmith pptpserver password
The PPTP server I'm connecting to gives me an address on the 10.0.0.0
network. I prefer to keep my default route so that the PPTP connection only
gets packets headed to the 10.0.0.0 network. To do this, just add a route
after the connection is up. On RedHat, this is done via the
/etc/ppp/ip-up.local file:
#!/bin/bash
# This script is called with the following options:
#
# 0 name of this script
# 1 interface-name
# 2 tty-device
# 3 speed
# 4 local-IP-address
# 5 remote-IP-address
# add route
/sbin/route add -net 10.0.0.0 netmask 255.0.0.0 gw $5 $1
Sample /etc/hosts file:
192.168.0.1 pptpserver
PPTP Client Installation
Grab PPTP-Linux v1.0.2.
There is a bug in the PPTP client that shows up if you are behind a Linux
masquerading firewall (may show up behind other firewalls too - not sure).
Here is the fix (in file pptp.c):
3. 130c130
4. < pptp_gre_copy(call_id, peer_call_id, pty_fd, inetaddr);
5. ---
> pptp_gre_copy(peer_call_id, call_id, pty_fd, inetaddr);
Sample pptp-up script:
#!/bin/bash
/usr/sbin/pptp pptpserver name jsmith remotename pptpserver
Sample pptp-down script:
#!/bin/bash
killall pppd
killall pptp
Wrap-Up
At this point, you should be ready to try and connect to your server. Just
run the pptp-up script as root. If it doesn't work, check your logfiles
(check /etc/syslog.conf to make sure you are capturing the output).
If everything works or if I've made some errors, please let me know.
3.0 PPP (and MSCHAPv2/MPPE) Installation
It is only necessary to use PPP 2.3.8 if you want Microsoft compatible
MSCHAPv2/MPPE authentication and encryption. The reason for this is that the
MSCHAPv2/MPPE patch currently supplied (19990813) is against PPP 2.3.8. If
you don't need Microsoft compatible authentication/encryption any 2.3.x PPP
source will be fine.
Assuming you want Microsoft compatible authentication/encryption follow
these steps:
1. Grab yourself a clean copy of the PPP daemon v2.3.8
(ppp-2.3.8.tar.gz). I usually go here for my PPP files:
ftp://cs.anu.edu.au/pub/software/ppp/ Note: You must get the tarball
(tar.gz) and *not* the RPM.
2. Grab yourself the MSCHAPv2/MPPE diff file from:
http://www.moretonbay.com/vpn/releases/ppp-2.3.8-mppe-others-norc4_TH7.diff.
gz
3. Grab yourself the SSLeay-0.6.6b file from:
ftp://ftp.psy.uq.oz.au/pub/Crypto/SSL/SSLeay-0.6.6b.tar.gz
4. You should now have 3 files:
5. ppp-2.3.8.tar.gz
6. ppp-2.3.8-mppe-others-norc4_TH7.diff.gz
7. SSLeay-0.6.6b.tar.gz
Copy these files to your preferred location (I prefer /usr/local/src/).
Assuming your newly retrieved source files are in /usr/local/src/ and your
current working directory is also /usr/local/src/ do the following:
9. tar zxvf ppp-2.3.8.tar.gz
10. gunzip ppp-2.3.8-mppe-others-norc4_TH7.diff.gz
11. tar zxvf SSLeay-0.6.6b.tar.gz
12. cp SSLeay-0.6.6b/crypto/rc4/rc4.h ppp-2.3.8/linux/
13. cp SSLeay-0.6.6b/crypto/rc4/rc4_enc.c ppp-2.3.8/linux/
14. patch -p0 < ppp-2.3.8-mppe-others-norc4_TH7.diff
15. cd ppp-2.3.8
The files should now all be in place and we are ready to compile PPP. Follow
these steps to compile it:
17. ./configure
18. cd linux
19. ./kinstall.sh
20. cd ..
21. make
22. cp pppd/pppd /usr/sbin/
23. cd /usr/src/linux
24. make modules SUBDIRS=drivers/net
25. make modules_install
26. rmmod ppp
27. insmod ppp
28. insmod ppp_mppe
Bunu ppp 2.38 icinde ppp.c dosyasina uygula
Sonra kintall.sh yap
*** ppp.c Wed Mar 15 11:29:23 2000
--- ppp.c.fix Wed Mar 15 11:36:07 2000
***************
*** 1831,1836 ****
--- 1831,1839 ----
temp_i = PPP_MRU;
ppp->mru = temp_i;
=20
+ ppp->mru += 4; /* SOR: for PPTP */
+ printk("%s: mru now = %d\n",__FUNCTION__,ppp->mru); /* SOR:
for =
PPTP */
+=20
if (ppp->flags & SC_DEBUG)
printk(KERN_INFO
"ppp_ioctl: set mru to %x\n", temp_i);
***************
*** 2647,2653 ****
int new_count;
=20
/* Allocate an skb for the compressed frame. */
! new_skb = alloc_skb(ppp->mtu + PPP_HDRLEN , GFP_ATOMIC);
if (new_skb == NULL) {
printk(KERN_ERR "ppp_send_frame: no memory\n");
KFREE_SKB(skb);
--- 2650,2656 ----
int new_count;
=20
/* Allocate an skb for the compressed frame. */
! new_skb = alloc_skb(ppp->mtu + PPP_HDRLEN + 4, GFP_ATOMIC);
/* =
SOR: added + 4 */
if (new_skb == NULL) {
printk(KERN_ERR "ppp_send_frame: no memory\n");
KFREE_SKB(skb);
***************
*** 2659,2665 ****
/* Compress the frame. */
new_count = (*ppp->sc_xcomp->compress)
(ppp->sc_xc_state, data, new_skb->data,
! count, ppp->mtu + PPP_HDRLEN);
=20
/* Did it compress? */
if (new_count > 0 && (ppp->flags & SC_CCP_UP)) {
--- 2662,2668 ----
/* Compress the frame. */
new_count = (*ppp->sc_xcomp->compress)
(ppp->sc_xc_state, data, new_skb->data,
! count, ppp->mtu + PPP_HDRLEN + 4);/*SOR: added + 4 */
=20
/* Did it compress? */
if (new_count > 0 && (ppp->flags & SC_CCP_UP)) {
------=_NextPart_000_025E_01BF8E7A.B787AE20--
Not:pptp.c de bir degisiklik yapilmis idi ama ilgili dokumani bulamadim 2
satir exchange ediliyor idi JAma sanirim cok ta onemli degil ..
----- Original Message -----
From: Pony
To: Multiple recipients of list LINUX
Sent: Monday, December 18, 2000 8:38 PM
Subject: [LINUX:23103] vpn ile baglanti
Daha once liste uyelerine sormustum vpn kullanimini. Kimseden ses
gelmeyince ben arastirmaya basladim. VPN-Howto lar yardimi ile belli bir
yere geldim. Gerekli programlari cektim. Denemelerime ve ugrasilarima
devam ediyorum ama win9x ile baglanabildigim pptp.speedcast.com adresine
henuz baglantiyi gerceklestirebilmis degilim. Yardimci olabileceklerin
yardimlarini bekliyorum.
pony
Listeden cikmak icin:
unsub linux
mesajini listeci@bilkent.edu.tr adresine gonderiniz.
Lutfen Listeci icin MIME / HTML / Turkce Aksan kullanmayin.
Listeci arayuzu: http://listweb.bilkent.edu.tr/yardim/bilkent/linux.html
Liste arsivinin adresi: http://listweb.bilkent.edu.tr/
Listeden cikmak icin:
unsub linux
mesajini listeci@bilkent.edu.tr adresine gonderiniz.
Lutfen Listeci icin MIME / HTML / Turkce Aksan kullanmayin.
Listeci arayuzu: http://listweb.bilkent.edu.tr/yardim/bilkent/linux.html
Liste arsivinin adresi: http://listweb.bilkent.edu.tr/