How to connect from CentOS to PPPT VPN

Ngày 31 tháng 5 năm 2012 Trương Chương Dương
Greetings!

Recently I had a need to connect to a VPN from my CentOS system. So I searched the Web and found no clear instructions how to do it.
Having spent some time I got it working. I decided to post the instructions here, maybe this will help people not to waste time looking for a solution.

My configuration is CentOS 5.6 (no GUI) on VMWare virtual machine, in Bridged mode, on a Windows 7 Home Premium host.
The target VPN supports PPTP mode, CHAP authentication and requires MPPE encryption, I have VPN server address, username and password.
1. Install the software:

1.1 Make sure that ppp is installed (it is a part of CentOS install, but anyway):

sudo yum install ppp

1.2 Install PPTP:

sudo yum install pptp

2. Configure ppp:

2.1 Set pptpd options:

create file /etc/ppp/peers/<your_connection_name> and add the following lines:

pty "/usr/sbin/pptp <vpn_server_address> --nolaunchpppd"
connect /bin/true
name <username>
refuse-eap
require-mppe-128
noauth
debug
updetach
remotename bit
defaultroute
usepeerdns


# Note: I used refuse-eap option because the thing tried to authenticate using EAP and the server broke the connection. I had also an error "The synchronous pptp option is NOT activated", it appeared to be because of require-mppe-128 option missing

2.2 Configure username and password:

edit file /etc/ppp/chap-secrets and add the following:

<username> * <password> *

2.3 If /sbin/route shows that there is default route for current network connection, we have to add another default route for ppp0 to be able
to use the vpn. This is because pppd's defaultroute option does not override existing default (by design). The ip-up.local is a script that is executed after the connection has been established:

create file /etc/ppp/ip-up.local and add the following:

/sbin/route add default ppp0

make ip-up.local executable:

sudo chmod 755 /etc/ppp/ip-up.local

3. To start VPN:

sudo /usr/sbin/pppd call <your_connection_name>

4. To stop VPN (this will automatically delete all ppp0-related routes):

sudo killall -TERM pppd


The useful things to debug the connection:

/sbin/route to see routes
sudo tail -f /var/log/messages to see log messages
man pppd to see docs for pppd options


Hope it will help!
Đang tải dữ liệu...
web site traffic statistics