Linux help

PPTP Client Ubuntu Howto

We use multiple types of VPN – and PPTP is one of them.

Installing the Client Program

Install PPTP Client from the Ubuntu Project:

apt-get install pptp-linux

Configuration, by hand

  1. obtain from your PPTP Server administrator:
    • the IP address or host name of the server ($SERVER),
    • the name you wish to use to refer to the tunnel ($TUNNEL),
    • the authentication domain name ($DOMAIN),
    • the username you are to use ($USERNAME),
    • the password you are to use ($PASSWORD),
    • whether encryption is required.

    In the steps below, substitute these values manually. For example, where we write $PASSWORD we expect you to replace this with your password.

  2. create or edit the /etc/ppp/options.pptp file, which sets options common to all tunnels:
    lock noauth nobsdcomp nodeflate
  3. create or add lines to the /etc/ppp/chap-secrets file, which holds usernames and passwords:

    Note: if you are using a PPTP Server that does not require an authentication domain name, omit the slashes as well as the domain name.

    Note: if the passwords contain any special characters, quote them. See man pppd for more details.

  4. create a /etc/ppp/peers/$TUNNEL file:
    pty "pptp $SERVER --nolaunchpppd"
    remotename PPTP
    file /etc/ppp/options.pptp
    ipparam $TUNNEL

    Note: if you do not need MPPE support, then remove the require-mppe-128 option from this file and /etc/ppp/options.pptp.

  5. start the tunnel using the pon command:
    pon $TUNNEL

    to further diagnose a failure, add options to the command:

    pon $TUNNEL debug dump logfd 2 nodetach

    Note: we have further information on enabling debug mode, and on diagnosing problems.

  6. stop the tunnel using the poff command:
    poff $TUNNEL
  7. to script the tunnel connection so that something is done as soon as the tunnel is up, use either ip-up.d scripts or the updetach keyword.
    1. see the Routing HOWTO for examples of ip-up.d scripting that adds routes or iptables rules.
    2. using updetach will cause pppd to fork, detach, and exit with success once the network link is up. This example connects a provider link, then the tunnel, then runs fetchmail to get new e-mail:
      pon provider updetach && pon $TUNNEL updetach && fetchmail

      Note: the double ampersand && means that the commands following it will only be executed if the command to the left of it was successful. If the tunnel fails to connect, the fetchmail will not happen.

  8. to have the tunnel automatically restarted if it fails, add the option persist to either the command line or the /etc/ppp/peers/$TUNNEL file.
  9. to have the tunnel started on system boot:
    • for Debian Sarge and later, edit the /etc/network/interfaces file, and add this section:
      auto tunnel
      iface tunnel inet ppp
              provider $TUNNEL
    • for Debian Woody, edit the /etc/ppp/no_ppp_on_boot file, remove the first line comment, and change the word provider to the name of your tunnel, so that it looks like this:
      $PPPD call $TUNNEL

      (The line … means the other lines in the file, it doesn’t mean a line with three dots.)

      Then rename the no_ppp_on_boot file and make it executable:

      # mv /etc/ppp/no_ppp_on_boot /etc/ppp/ppp_on_boot
      # chmod +x /etc/ppp/ppp_on_boot

    Every time your computer starts, the tunnel will be started automatically.

  10. to set up routing, read our Routing HOWTO.



Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s