[Samba] VPN server and logon to Samba PDC

David C. Rankin drankinatty at suddenlinkmail.com
Mon Mar 17 21:07:33 GMT 2008 

Jon Theil Nielsen wrote:
> 2008/3/17, David C. Rankin <drankinatty at suddenlinkmail.com 
> <mailto:drankinatty at suddenlinkmail.com>>:
> 
>     Jon Theil Nielsen wrote:
>      > My goal is to make VPN access to our Samba PDC (FreeBSD 7.0) so
>     that users
>      > can access there home shares from Windows clients.
>      > I have read the instructions at
>      > http://samba.org/ftp/unpacked/lorikeet/pppd/final-report.pdf, but
>     I can't
>      > make it work.
> 
>     <snip>
>      > Regards,
>      > Jon
> 
>     Jon,
> 
>             I do it this way:
> 
>     pptp VPN server
> 
> 
>     /etc/pptpd.conf
>     option /etc/ppp/options.pptp
> 
>     debug (comment out after testing)
>     localip 192.168.7.12 <http://192.168.7.12>
>     remoteip 192.168.7.2-5
>     pidfile /var/run/pptpd.pid
> 
>     /etc/ppp/options.pptp
>     lock
>     noauth
>     nobsdcomp
>     lcp-echo-failure 10
>     lcp-echo-interval 10
> 
>     /etc/ppp/options
>     name bonza.rbpllc.com <http://bonza.rbpllc.com>
>     noipdefault
>     noauth
>     lock
>     local
>     lcp-echo-interval 30
>     lcp-echo-failure 4
>     lcp-max-configure 60
>     lcp-restart 2
>     idle 600
>     noipx
>     file /etc/ppp/filters
>     proxyarp
>     ms-dns 192.168.7.15 <http://192.168.7.15>
>     ms-wins 192.168.7.15 <http://192.168.7.15>
>     refuse-chap
>     refuse-mschap
> 
>     /etc/ppp/pap-secrets
>     *       bonza.rbpllc.com <http://bonza.rbpllc.com>        ""
>     <username>   <yourserver.yourdomain.com
>     <http://yourserver.yourdomain.com>>   <password>  *
> 
>     /etc/ppp/chap-secrets
>     <username>           *               <password>          *
> 
>             Of course, use your own information and get rid of the "< >"
>     in the pap
>     and chap-secret files. Good luck. This works like a charm. Just don't
>     forget to open [port 1723] in your firewall and router for accessing the
>     server locally as well as remotely. Also, you may need:
> 
>     # TAG: bcrelay <if>
>     bcrelay eth0
> 
>     in /etc/pptpd.conf if you are running an older version of pptpd to
>     improve remote browsing.
> 
> Thanks, David
> Just a few questions before I try this solution.
> Are you on FreeBSD too? As far as I understand, the main configuration 
> file here is /usr/local/etc/pptpd.conf. Or should it live in /etc/?
> What does the line "file /etc/ppp/filters" refer to?
> Can you use this configuration to join a Samba domain?
> 
> Regards,
> Jon

Jon,

	It doesn't matter where the conf file goes. That is determined at 
compile time with the ./configure options. If your setup wants it in 
/usr/local, then that's where it goes. I'm running Linux, but as far as 
pptpd is concerned it shouldn't care. You may just have to adjust the 
path information to work with your setup. I would just make the 
configuration changes and start pptpd. You will get all the messages you 
need in /var/log/messages or /var/log/syslog depending on your setup.

-- 
David C. Rankin, J.D., P.E.
Rankin Law Firm, PLLC
510 Ochiltree Street
Nacogdoches, Texas 75961
Telephone: (936) 715-9333
Facsimile: (936) 715-9339
www.rankinlawfirm.com

More information about the samba mailing list