You are on the move and need
to access some files from your office computer. Wouldn’t it be nice to dial up your
office server and download the files using FTP? You can do just that with a remote dial-in
server running on your organization’s network. In this article, we’ll explain
how to configure a remote dial-in server in Red Hat Linux using the PPP protocol.
The first step is to install the modem. Plug in the modem’s
serial cable into a spare serial port on your computer. A phone-line should also be
connected to your modem. Start Linux and log in as root. You should remain logged in as
root throughout the setup process. You should also start the X Windowing system.
Fire up glint, the X interface to the Red Hat Package Manager, and
check whether mgetty and PPP packages are installed. mgetty can be found in the
Networking/Utilities folder and PPP in the Networking/Daemons folder.
If these packages aren’t installed on your system, mount the PC
Quest CD in /mnt/cdrom. Once the CD is mounted, switch over to glint and click on the
Available button. Glint should show you a list of available packages arranged in a series
of folders. Double click on the Networking folder and then on the Daemons folder. Search
for the PPP package, select it and click on the Install button. Glint should now install
the PPP package.
Similarly, move to the Networking/Utilities folder, search for the
mgetty package and install it.
Okay, now that both PPP and mgetty have been installed, the next
step is to configure the two packages. Let’s start with mgetty first. Mgetty is a
replacement for the standard Unix getty, capable of handling serial connections. The getty
process is responsible for the login prompt and getting the login name from the user. Open
up the /etc/inittab file in your favorite text editor and add
V1:2345:respawn:/sbin/mgetty -s 115200 ttyS0
at the end. When Linux starts, the init process goes through this
file, looking for processes to execute. The option 2345 tells init to run the mgetty
process in the multi-user run levels 2, 3, 4, and 5. The respawn option allows mgetty to
restart every time it terminates.
Let’s examine the parameters given to mgetty itself. The
parameter "-s 115200" directs mgetty to use the serial port at the highest
possible speed, 11,5200 bps. Remember that this is the speed at which the computer
communicates with the modem. The modem usually talks to other modems at a lower speed. The
last parameter, ttyS0 should be used if your modem is connected to the serial port, COM1.
If your modem is on COM2, type ttyS1 instead.
Remember that mgetty will lock the modem for its own use. If you
wish to use the server for dialing out, you’ll have to terminate the mgetty process
either manually or through some shell scripts.
Since we plan to use Windows Dialup Networking to connect, it makes
sense to enable PAP authentication, that way users don’t have to mess with stuff like
dial-in scripts.
Edit the file /etc/mgetty+sendfax/login.config, and make sure that
the line with "/AutoPPP/" is uncommented, remove the # mark in front of it, and
edit it so that it looks like this:
/AutoPPP/ - - /etc/ppp/ppplogin
Save the file.
to create this one. It’s a small file that has the following contents:
#!/bin/sh
mesg n
tty -echo
/usr/sbin/pppd silent auth -chap +pap login
Save the file and make it executable:
chmod +x /etc/ppp/ppplogin
Now create or update the /etc/ppp/options file:
-detach
modem
lock
crtscts
asyncmap 0
netmask 255.255.255.0
proxyarp
ms-dns
In the above replace
LAN’s DNS server. In our case, the machine 192.168.1.15 acts as our DNS, so we used:
ms-dns 192.168.1.15
Create another file /etc/ppp/options.ttyS0 and add the following to
it:
For example, we used ws120.cmil.com:192.168.1.200
The hostname can be had by running the hostname command. You could
also look into the /etc/HOSTNAME file. The second address is allocated to the remote
system. Any unused IP address on your network should do.
Also remember to set PPPD as SUID root as it configures a network
interface and manipulates kernel routing tables. All this requires special privileges. To
do this, run the command:
# chmod +s /usr/sbin/pppd
Finally, let’s update the PAP authentication database. This is
simple, we are going to validate users against the standard /etc/passwd, so all you need
to do is edit the file /etc/ppp/pap-secrets, and add one line for every IP address you are
going to allocate to a dial-in connection. In our setup, /etc/ppp/pap-secrets looks like
this:
# Secrets for authentication using
PAP
# client server secret IP addresses
* * "" 192.168.1.200
You might add more lines that are identical to the last one shown
above, one for every IP address you’ll be using.
re-read the file /etc/inittab and start the required processes. Now, dial-in PPP should be
up and running, you can check this on your modem, the DTR light will have come on.
To connect via PPP, dial in from any other system using dial up
networking.
To connect from a Win 9x system, go to Dialup Networking in My
Computer, select "Make a New Connection", enter some name (such as "Linux
dialup"), make sure the correct modem is selected (and optionally configure it), and
press Next. Do not select "bring up terminal after dialing" in the modem
configuration, it’s not required. Nor should you assign a dialup-script.
Enter the telephone number that is attached to your modem, press
Next, and then finish the setup. Now right click the newly created connection, go to
"Server Types" and disable "Log on to Network", NetBEUI and IPX/SPX
Compatible, leaving only "TCP/IP" and "Enable Software Compression"
ticked. Click on OK.
That’s it. Now to connect from the Win 9x machine, double click
the new connection, enter your user ID and password (and optionally tell the system to
remember your password), click on connect, and your Windows machine will dial into the
Linux box, connect, establish PPP, and voila! You are on! Check it out by pointing your
browser to your Linux box, you should see the Web pages stored there. Tell your mail
client to send and receive mail via the Linux box, and that too works.
While reading this, you might feel that the setup is complex.
Don’t let this detailed article scare you away. We thought the same but the whole
process took us a little less than five minutes, and was far easier than configuring a Win
NT RAS server.