[plug] PoPToP PPTP server for Linux ->Windows VPN
Steve Baker
steve at iinet.net.au
Mon Jun 30 18:20:39 WST 2003
Craig Ringer wrote:
> Hi folks
>
> I was wondering if someone on [plug] has any experience with PPTP,
> specifically the PoPToP VPN server for Linux. I'm having to deal with my
> first "mobile user" here (*ARRGGH*) and need a VPN option that I can
> restrict (firewall off SMB, etc), will run well on a Linux server and
> accept Windows client machines.
>
snip
>
> If anybody has worked with roaming windows (l)users needing access to a
> network with a linux gateway, I'd love to hear of your experiences.
>
We have PPTP on Linux running at my place of work. The guy who set up
the LAN before I started there set it up, and I'm not sure of the exact
steps he used. Once it's set up though, the configuration is very
similar to regular pppd.
Basically the Windows users define a VPN connection (2K/XP - add a
network connection, tell the wizard to 'connect to a private network
through the internet', give it the IP address of the gateway, etc) then
activate that connection. It's pretty straight-forward, and I've found
that It Just Works (tm).
At the server end, you assign IPs and other connection info (gateways,
dns, wins, etc.) as with regular pppd. Usernames/passwords are kept in
a pap-secrets or chap-secrets file, and I suspect you can authenticate
via LDAP or PAM as well (unconfirmed).
As with regular ppp, when the workstation authenticates successfully, it
becomes part of the network with whatever IP you assigned (individually
or from a pool). The VPN connection shows up as another interface in
ifconfig on the server, so you need to make sure that firewalling rules
are set properly. You can do this either globally somehow (ip ranges,
probably), or per-interface with if-up/if-down scripts.
The system works pretty well. We are mostly using it at the moment to
get access to workstations on the LAN via RDP or VNC, to work from home.
Hope this helps.
Regards,
Steve
More information about the plug
mailing list