December 2, 2003



A VPN (Virtual Private Network) is used to create a secure connection over the Internet between two networks. Commonly used VPN protocols are PPTP (Point-to-Point Tunneling Protocol), L2TP (Layer 2 Tunneling Protocol) and IPSec (IP Security). In this article we'll implement PopTop, a VPN solution for Linux that uses PPTP.

First, install PCQLinux 8.0 on a machine that has two network cards, one connected to the internal network and one to the external network. Assign the following values to the internal/external network cards:

IP: 192.168.1.1/192.168.2.1
Netmask: 255.255.255.0/255.255.255.0
Gateway: 192.168.1.2/192.168.1.2

Download two files kernelmod-0.7.1.tar.gz and pptpd-1.1.3-20030409.tar.gz from www.poptop.org and extract them as follows: 

tar -zxf kernelmod-0.7.1.tar.gz
tar -zxf pptpd-1.1.3-20030409.tar.gz

This will produce directories named kernelmod and poptop, respectively. Change to the kernelmod directory and issue the ./kernelmod.sh command.

Now go to the poptop directory and issue the following commands: 

./configure
make 
make install

Copy the files pptpd.conf and options.pptpd, found in the samples subdirectory of poptop, to the /etc and /etc/ppp directories, respectively.

Open the file /etc/pptpd.conf in a text editor, scroll down to the section that defines localip and remoteip, and set them as follows.

localip 192.168.2.1
remoteip 192.168.2.10-20

Here, localip is the IP address of your Linux VPN server, while remoteip is the IP address range that will be assigned to VPN clients. 

To set a username and password for connecting clients, open the chap-secrets file found in /etc/ppp and append the following.

shekhar pptpd pcq123 *

where shekhar and pcq123 are the username and password, respectively. 

The PopTop server is installed in the directory /usr/local/sbin. Start it using the /usr/local/sbin/pptpd command. To check whether the server is up and running, issue:

ps -e | grep pptpd

Any output confirms that the PopTop server is running. To stop the server at any point, first issue the ps -e command.

Note the process ID (the number shown in the output) corresponding to pptpd and issue the following command to stop it.

kill <process ID>

You can connect to the PopTop server from a machine on another network through dial-up or a direct network connection.

For the former, your PCQLinux machine must be connected to a modem and set up to accept dial-ins. The client machines can be Windows or Linux. For the exact methodology to set up the various versions of Windows and Linux to connect to PopTop, refer to http://poptop.sourceforge.net/dox/.

While connecting, use the username and password that you specified in the chap-secrets file (as explained above).
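
The chap-secrets file keeps every VPN password in plaintext, so its permissions and entries are worth checking once accounts have been added. The shell function below is an added example, not part of the original article or of PopTop: it applies the field rules documented in pppd(8), and the finding labels and the MIN_LEN threshold of 12 are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example: audit a pppd chap-secrets file such as /etc/ppp/chap-secrets.
# MIN_LEN is an assumed local policy value; PopTop and pppd define no minimum.
MIN_LEN=12

# audit_chap_secrets FILE
# Prints one finding per line (never the secret itself).
# Returns 0 if clean, 1 if anything was flagged, 2 if FILE is unreadable.
audit_chap_secrets() {
    file=$1
    [ -r "$file" ] || { echo "UNREADABLE $file"; return 2; }
    findings=$(
        # Secrets are stored in plaintext, so group and other need no access.
        perms=$(ls -ld "$file" | cut -c5-10)
        [ "$perms" = "------" ] || echo "MODE $file is accessible to group/other ($perms)"

        # Fields: client  server  secret  [acceptable client IP addresses]
        # Assumes unquoted secrets without embedded whitespace.
        awk -v min="$MIN_LEN" '
            /^[ \t]*(#|$)/   { next }   # comments and blank lines
            NF < 3           { print "SYNTAX line " NR ": fewer than 3 fields"; next }
            length($3) < min { print "SHORT_SECRET user " $1 ": under " min " characters" }
            $2 == "*"        { print "ANY_SERVER user " $1 ": secret valid for any server name" }
            NF == 3 || $4 == "-" { print "NO_ADDRESS user " $1 ": every client IP is refused" }
            $4 == "*"        { print "ANY_ADDRESS user " $1 ": any client IP is accepted" }
        ' "$file"
    )
    [ -z "$findings" ] && return 0
    printf '%s\n' "$findings"
    return 1
}

# Constructed sample: the article's entry in a world-readable file.
demo() {
    tmp=$(mktemp) && chmod 644 "$tmp"
    printf '%s\n' '# client server secret IP' 'shekhar pptpd pcq123 *' > "$tmp"
    rc=0
    audit_chap_secrets "$tmp" || rc=$?
    rm -f "$tmp"
    return "$rc"
}
demo || true
```

Run against the entry shown earlier, it reports MODE, SHORT_SECRET and ANY_ADDRESS. Restricting the file with chmod 600, using a longer secret and replacing * with one address from the remoteip range clears all three.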

For more on PopTop itself, refer to the URL www.poptop.org.

Shekhar Govindarajan
