From: Murat SULUHAN (murat.suluhan@tesam.com.tr)
Date: Tue 19 Dec 2000 - 08:49:41 EET
www.linux-mag.com
Linux magazine adresinde VPN icin dokuman var
--------------------------------
|
| Murat SULUHAN
| TE.SA.M. T.U.R.K. / GLOBALSTAR
|
--------------------------------
> -----Original Message-----
> From: linux@listweb.bilkent.edu.tr
> [mailto:linux@listweb.bilkent.edu.tr]On Behalf Of Muhammed SOYER
> Sent: Monday, December 18, 2000 11:01 PM
> To: Multiple recipients of list LINUX
> Subject: [LINUX:23112] Re: vpn ile baglanti
>
>
> Bende ugrasmis idim bu vpn olayi ile bir ara ..Kendim icin takip ettigim
> dokumalar ile yari ingilizce yari turkce bir dokuman olusturmus idim isini
> gorur umarim
>
>
>
> Setting up the Linux PPTP Client
> After spending multiple hours pulling out hair, digging through
> newsgroups,
> etc., I finally have the Linux PPTP client up and running with a Microsoft
> PPTP server. I wrote this documentation to hopefully save other
> people some
> time. I am using RedHat 6.2, so you may have to adjust the instructions
> according to your distro...
> PPP (and MSCHAPv2/MPPE) Installation
> Update PPP using Jeff Blaize's PoPToP (the Linux PPTP server)
> instructions.(asagida) After step 5, make the following changes before
> proceeding to step 6.
> Open up /usr/src/ppp-2.3.8/linux/ppp.c and make the following change:
> --- drivers/net/ppp.c~ Wed Apr 12 19:56:45 2000
> +++ drivers/net/ppp.c Wed Apr 12 20:28:39 2000
> @@ -2560,7 +2560,7 @@
> wake_up_interruptible (&ppp->read_wait);
> if (ppp->tty->fasync != NULL)
> - kill_fasync (ppp->tty->fasync, SIGIO);
> + kill_fasync (ppp->tty->fasync, SIGIO, POLL_IN);
> return 1;
> }
> Apparently, the kinstall script doesn't install the rc4.h and rc4_enc.h
> files, but it will _update_ them if they already exist. The fix
> for me was
> to copy them into the kernel build directory (/usr/src/linux/drivers/net)
> before running kinstall.sh.
> Note that the configuration files for the client are different. Sample
> /etc/ppp/options file for using PPTP client:
> lock
> debug
> noauth
> mppe-40
> mppe-128
> mppe-stateless
> You'll probably want to remove the debug option once everything
> is working.
> Sample /etc/ppp/chap-secrets file:
> # Secrets for authentication using CHAP
> # client server secret IP addresses
> jsmith pptpserver password
> The PPTP server I'm connecting to gives me an address on the 10.0.0.0
> network. I prefer to keep my default route so that the PPTP
> connection only
> gets packets headed to the 10.0.0.0 network. To do this, just add a route
> after the connection is up. On RedHat, this is done via the
> /etc/ppp/ip-up.local file:
> #!/bin/bash
> # This script is called with the following options:
> #
> # 0 name of this script
> # 1 interface-name
> # 2 tty-device
> # 3 speed
> # 4 local-IP-address
> # 5 remote-IP-address
> # add route
> /sbin/route add -net 10.0.0.0 netmask 255.0.0.0 gw $5 $1
>
> Sample /etc/hosts file:
> 192.168.0.1 pptpserver
> PPTP Client Installation
> Grab PPTP-Linux v1.0.2.
> There is a bug in the PPTP client that shows up if you are behind a Linux
> masquerading firewall (may show up behind other firewalls too - not sure).
> Here is the fix (in file pptp.c):
> 3. 130c130
> 4. < pptp_gre_copy(call_id, peer_call_id, pty_fd, inetaddr);
> 5. ---
> > pptp_gre_copy(peer_call_id, call_id, pty_fd, inetaddr);
> Sample pptp-up script:
> #!/bin/bash
> /usr/sbin/pptp pptpserver name jsmith remotename pptpserver
> Sample pptp-down script:
> #!/bin/bash
> killall pppd
> killall pptp
> Wrap-Up
> At this point, you should be ready to try and connect to your
> server. Just
> run the pptp-up script as root. If it doesn't work, check your logfiles
> (check /etc/syslog.conf to make sure you are capturing the output).
> If everything works or if I've made some errors, please let me know.
>
> 3.0 PPP (and MSCHAPv2/MPPE) Installation
> It is only necessary to use PPP 2.3.8 if you want Microsoft compatible
> MSCHAPv2/MPPE authentication and encryption. The reason for this
> is that the
> MSCHAPv2/MPPE patch currently supplied (19990813) is against PPP 2.3.8. If
> you don't need Microsoft compatible authentication/encryption any
> 2.3.x PPP
> source will be fine.
> Assuming you want Microsoft compatible authentication/encryption follow
> these steps:
> 1. Grab yourself a clean copy of the PPP daemon v2.3.8
> (ppp-2.3.8.tar.gz). I usually go here for my PPP files:
> ftp://cs.anu.edu.au/pub/software/ppp/ Note: You must get the tarball
> (tar.gz) and *not* the RPM.
> 2. Grab yourself the MSCHAPv2/MPPE diff file from:
> http://www.moretonbay.com/vpn/releases/ppp-2.3.8-mppe-others-norc4
> _TH7.diff.
> gz
> 3. Grab yourself the SSLeay-0.6.6b file from:
> ftp://ftp.psy.uq.oz.au/pub/Crypto/SSL/SSLeay-0.6.6b.tar.gz
> 4. You should now have 3 files:
> 5. ppp-2.3.8.tar.gz
> 6. ppp-2.3.8-mppe-others-norc4_TH7.diff.gz
> 7. SSLeay-0.6.6b.tar.gz
> Copy these files to your preferred location (I prefer /usr/local/src/).
> Assuming your newly retrieved source files are in /usr/local/src/ and your
> current working directory is also /usr/local/src/ do the following:
> 9. tar zxvf ppp-2.3.8.tar.gz
> 10. gunzip ppp-2.3.8-mppe-others-norc4_TH7.diff.gz
> 11. tar zxvf SSLeay-0.6.6b.tar.gz
> 12. cp SSLeay-0.6.6b/crypto/rc4/rc4.h ppp-2.3.8/linux/
> 13. cp SSLeay-0.6.6b/crypto/rc4/rc4_enc.c ppp-2.3.8/linux/
> 14. patch -p0 < ppp-2.3.8-mppe-others-norc4_TH7.diff
> 15. cd ppp-2.3.8
> The files should now all be in place and we are ready to compile
> PPP. Follow
> these steps to compile it:
> 17. ./configure
> 18. cd linux
> 19. ./kinstall.sh
> 20. cd ..
> 21. make
> 22. cp pppd/pppd /usr/sbin/
> 23. cd /usr/src/linux
> 24. make modules SUBDIRS=drivers/net
> 25. make modules_install
> 26. rmmod ppp
> 27. insmod ppp
> 28. insmod ppp_mppe
>
>
>
>
>
> Bunu ppp 2.38 icinde ppp.c dosyasina uygula
> Sonra kintall.sh yap
>
> *** ppp.c Wed Mar 15 11:29:23 2000
> --- ppp.c.fix Wed Mar 15 11:36:07 2000
> ***************
> *** 1831,1836 ****
> --- 1831,1839 ----
> temp_i = PPP_MRU;
> ppp->mru = temp_i;
> =20
> + ppp->mru += 4; /* SOR: for PPTP */
> + printk("%s: mru now =
> %d\n",__FUNCTION__,ppp->mru); /* SOR:
> for =
> PPTP */
> +=20
> if (ppp->flags & SC_DEBUG)
> printk(KERN_INFO
> "ppp_ioctl: set mru to %x\n", temp_i);
> ***************
> *** 2647,2653 ****
> int new_count;
>
> =20
> /* Allocate an skb for the compressed frame. */
> ! new_skb = alloc_skb(ppp->mtu + PPP_HDRLEN , GFP_ATOMIC);
> if (new_skb == NULL) {
> printk(KERN_ERR "ppp_send_frame: no memory\n");
> KFREE_SKB(skb);
> --- 2650,2656 ----
> int new_count;
> =20
> /* Allocate an skb for the compressed frame. */
> ! new_skb = alloc_skb(ppp->mtu + PPP_HDRLEN + 4,
> GFP_ATOMIC);
> /* =
> SOR: added + 4 */
> if (new_skb == NULL) {
> printk(KERN_ERR "ppp_send_frame: no memory\n");
> KFREE_SKB(skb);
> ***************
> *** 2659,2665 ****
> /* Compress the frame. */
> new_count = (*ppp->sc_xcomp->compress)
> (ppp->sc_xc_state, data, new_skb->data,
> ! count, ppp->mtu + PPP_HDRLEN);
> =20
> /* Did it compress? */
> if (new_count > 0 && (ppp->flags & SC_CCP_UP)) {
> --- 2662,2668 ----
> /* Compress the frame. */
> new_count = (*ppp->sc_xcomp->compress)
> (ppp->sc_xc_state, data, new_skb->data,
> ! count, ppp->mtu + PPP_HDRLEN + 4);/*SOR: added + 4 */
> =20
> /* Did it compress? */
> if (new_count > 0 && (ppp->flags & SC_CCP_UP)) {
>
> ------=_NextPart_000_025E_01BF8E7A.B787AE20--
>
>
>
>
> Not:pptp.c de bir degisiklik yapilmis idi ama ilgili dokumani bulamadim 2
> satir exchange ediliyor idi JAma sanirim cok ta onemli degil ..
>
>
>
> ----- Original Message -----
> From: Pony
> To: Multiple recipients of list LINUX
> Sent: Monday, December 18, 2000 8:38 PM
> Subject: [LINUX:23103] vpn ile baglanti
>
>
> Daha once liste uyelerine sormustum vpn kullanimini. Kimseden ses
> gelmeyince ben arastirmaya basladim. VPN-Howto lar yardimi ile belli bir
> yere geldim. Gerekli programlari cektim. Denemelerime ve ugrasilarima
> devam ediyorum ama win9x ile baglanabildigim pptp.speedcast.com adresine
> henuz baglantiyi gerceklestirebilmis degilim. Yardimci olabileceklerin
> yardimlarini bekliyorum.
>
> pony
>
>
> Listeden cikmak icin:
> unsub linux
> mesajini listeci@bilkent.edu.tr adresine gonderiniz.
> Lutfen Listeci icin MIME / HTML / Turkce Aksan kullanmayin.
> Listeci arayuzu: http://listweb.bilkent.edu.tr/yardim/bilkent/linux.html
> Liste arsivinin adresi: http://listweb.bilkent.edu.tr/
>
>
>
> Listeden cikmak icin:
> unsub linux
> mesajini listeci@bilkent.edu.tr adresine gonderiniz.
> Lutfen Listeci icin MIME / HTML / Turkce Aksan kullanmayin.
> Listeci arayuzu: http://listweb.bilkent.edu.tr/yardim/bilkent/linux.html
> Liste arsivinin adresi: http://listweb.bilkent.edu.tr/
>
Listeden cikmak icin:
unsub linux
mesajini listeci@bilkent.edu.tr adresine gonderiniz.
Lutfen Listeci icin MIME / HTML / Turkce Aksan kullanmayin.
Listeci arayuzu: http://listweb.bilkent.edu.tr/yardim/bilkent/linux.html
Liste arsivinin adresi: http://listweb.bilkent.edu.tr/