2010年4月11日 星期日

PPTP (VPN) connect using pptp client

While I first time try to use pptp client to build the VPN connection. There were various problems occuring in the setup procedures. The most one is that I am not clear understand there are many firewall/NAT routers that set up with pptp blocking rules (don't allow pptp traffics passing through), so we must use private NAT router to allow pptp connections passing through.

We can use Linux pptp client to build the pptp connection under linux system.
http://pptpclient.sourceforge.net/howto-fedora-core-6.phtml

Install PPTP and the pptpconfig GUI using the following commands:

Step1.
# rpm -Uvh http://pptpclient.sourceforge.net/yum/stable/fc6/pptp-release-current.noarch.rpm
# yum --enablerepo=pptp-stable install pptpconfig

Step2.
enter the server, domain, username and password into the Server tab.

Step3.
In my case, I don't need the following setting.
if your PPTP connection need encryption like MPPE, (your administrator says encryption is required), then on the Encryption tab, click on Require Microsoft Point-to-Point Encryption (MPPE).

Step4.
click on Add, and the tunnel will appear in the list.

Step5.
Click on the tunnel to select it, click on Start, and a window will appear with the tunnel connection log and status.

Step6.
if the connection succeeded, you can try the Ping test button. If the ping fails, you should try to find out why before proceeding. If the ping works, then the tunnel is active and you may now work on routing.

Step7.
In most case, the system will produce a new "ppp0" network interface. This is the point to point network interface that the local LAN traffic will communicate with remote pptp server.

We can add the routing entries like following example to specify dedicated routing domains via the ppp interface (If we clear know which destination routing domains)
# route add -net ${NET} dev ${IFACE}
e.g.
# route add -net 192.168.18.0/24 dev ppp0

or simply change the default route to the ppp0 ip address
# route del default
# route add default gw ${PPP0-IFACE-IP-Address}

沒有留言: