VPN at UC (WAS: Re: [clug] MythTV on TransACT)

Ian darkstarsword at gmail.com
Wed Aug 23 21:00:06 GMT 2006 

I'm sure that there would be some frontend that will work under gnome,
and if you can find one it will probably be the easiest way to set it
up.
If not this should help you to set it up manually. This is roughly
what I did to set up my wireless to connect to the wifi in the CSIT
building at ANU using Debian.

Create a file under /etc/ppp/peers with a sensible name - UCWiFi for
example. Fill the file with the following:

pty "pptp <pptp IP> --nolaunchpppd"
name <domain>\\<username>
remotename PPTP
require-mppe-128
file /etc/ppp/options.pptp
ipparam UCWiFi

replace <pptp IP> with the pptp host IP, (172.22.0.1 in the case of
ANU), <domain> with the domain - probably canberra.edu.au and
<username> with your username. The require-mppe-128 should only be
there if they are using mppe encryption (in which case you also need a
recent kernel with the mppe module, or a patch for older kernels). The
bit after ipparam should be the same as the filename (I don't think it
actually _has_ to be the same, but it avoids confusion).

Add the following to /etc/ppp/chap-secrets:
<domain>\\<username> PPTP <password>
again replacing <domain>, <username> and <password> as above.

I seem to have altered /etc/ppp/options.pptp to have a line with
noauth instead of auth - I can't remember off the top of my head
whether I did that for the pptp or something else, so only put it in
if you need it. Glancing at the man page I think it's only necessary
if your machine already has a default route set (check with 'route -n'
if you see complaints about failed authentication in the syslog when
you try to bring the interface up).

Next step is to bring up the wireless link using whatever method you prefer.

Now, enter:
pon UCWiFi
If you check the process list you should see some pptp call manager or
something. If all goes well after a few seconds a new network
interface, probably called ppp0 should be created - check with
ifconfig ppp0. If it wasn't created check syslog for hints.

See if you can ping the remote host listed with ifconfig. See if you
can ping another host in UC. If you can then you're set (you may still
have to set up a proxy server depending on the setup).
If not it's detective time - start with 'route -n' and see if the
output is what you'd expect - is the default gateway the computer on
the other side of the ppp0 link? If not, try this (I have to do this
for the CSIT link - the wifi (not pptp) DHCP server gives me a bogus
gateway):
route del default gw <current default gateway>
route add default gw <computer on other side of ppp0>

Other things that have given me trouble is forgetting that I still had
eth0 up, my /etc/resolv.conf pointing to a nameserver that I couldn't
access, and the pptp program dying after the had been up for about 5
seconds - just after I checked to make sure it was up and just before
I started trying to use it.

Hope this helps,
Ian


On 23/08/06, Arafangion <thestar at fussycoder.id.au> wrote:
> James Ring wrote:
> > Hey there,
> >
> >
> >> On an unrelated note, I would be extremely interested to know how one
> >> logs into the VPN via wireless at the Uni of canberra.
> >>
> >> Connecting to the wifi network is no problem, it's the VPN that has me
> >> mystified.
> >>
> >
> > I think you have to be a UC student. If you are, check out
> > http://www.canberra.edu.au/icts-old/it/wireless.
> >
> > I think they use a PPTP VPN, so you need to download and install pptp for
> > Linux. Depending on UC's arrangements, you might also need to compile
> > a kernel module for MPPE encryption if you have a kernel older than 2.6.15.
> >
> > Once you've done all that, I've used a tool called kvpnc for KDE to
> > setup my connection to the ANU DCS wireless, which I think is very similar
> > to UC's. Check out http://home.gna.org/kvpnc/
> >
> > HTH!
> >
> > Regards,
> > James
>
>
> The problem is that I don't understand how to use pptp, and all of the
> documentation generally assumes that I'm dialing a phone number.  For
> some unknown reason, the kvpnc client doesn't work. (Ubuntu Dapper)
> --
> linux mailing list
> linux at lists.samba.org
> https://lists.samba.org/mailman/listinfo/linux
>


-- 
On the day *I* go to work for Microsoft, faint oinking sounds will be
heard from far overhead, the moon will not merely turn blue but
develop polkadots, and hell will freeze over so solid the brimstone
will go superconductive.
     -- Erik Raymond, 2005
--
Hi! I'm your friendly neighbourhood signature virus.
Copy me to your signature file and help me spread!
--
Please avoid sending me Word or PowerPoint attachments.
See http://www.gnu.org/philosophy/no-word-attachments.html

More information about the linux mailing list