VPN Linux to Windows PPTP
Updated at: 17/07/2014


Per accedere da un sistema Unix (Debian/Ubuntu) a una VPN PPTP si Windows http://www.cyberciti.biz/tips/howto-configure-ubuntu-fedora-linux-pptp-client.html Install required components $ apt-get install pptp-linux network-manager-pptp  

Sample configuration data

  1. PPTP server name: pptp.vpn.nixcraft.com
  2. VPN User Name : vivek
  3. VPN Password: VpnPassword
  4. Connection name: delhi-idc-01
Open /etc/ppp/chap-secrets file: # nano /etc/ppp/chap-secrets Append line as follows:
domain\\username PPTP VpnPassword *
Save and close the file. Create a connection file called /etc/ppp/peers/delhi-idc-01 (replace delhi-idc-01 with your connection name such as office or vpn): nano /etc/ppp/peers/VPN-Name Append configuration data as follows:
pty "pptp INDIRIZZO_SERVER --nolaunchpppd"
name domain\\username
remotename PPTP
require-mppe-128
file /etc/ppp/options.pptp
ipparam VPN-Name
Close and save the file. Where,
  • pty "INDIRIZZO_SERVER --nolaunchpppd": Specifies that the command script is to be used to communicate rather than a specific terminal device. Pppd will allocate itself a pseudo-tty master/slave pair and use the slave as its terminal device. The script will be run in a child process with the pseudo-tty master as its standard input and output. An explicit device name may not be given if this option is used. (Note: if the record option is used in conjunction with the pty option, the child process will have pipes on its standard input and output.). In this case we are using pptp client to establishes the client side of a Virtual Private Network (VPN) using the Point-to-Point Tunneling Protocol (PPTP). INDIRIZZO_SERVER is my host name (or IP address) for the PPTP server. --nolaunchpppd option means do not launch pppd but use stdin as the network connection. Use this flag when including pptp as a pppd connection process using the pty option.
  • remotename PPTP: Set the assumed name of the remote system for authentication purposes to name. If you don't know name ask to network administrator
  • require-mppe-128: Require the use of MPPE, with 128-bit encryption. You must encrypt traffic using encryption.
  • file /etc/ppp/options.pptp: Read and apply all pppd options from options.pptp file. Options used by PPP when a connection is made by a PPTP client.
  • ipparam VPN-Name : Provides an extra parameter to the ip-up, ip-pre-up and ip-down scripts (optional).

Route traffic via ppp0

To route traffic via PPP0 interface add following route command to /etc/ppp/ip-up.d/route-traffic # nano /etc/ppp/ip-up.d/route-traffic Append following sample code (modify NET an IFACE as per your requirments):
#!/bin/bash
NET="172.16.30.0/24" # set me
IFACE="ppp0" # set me
#IFACE=$1
route add -net ${NET} dev ${IFACE}
Make the file executable using one of the following commands # chmod +x /etc/ppp/ip-up.d/route-traffic or # chmod 755 /etc/ppp/ip-up.d/route-traffic  

Connect to PPTP server

Now you need to dial out to your office VPN server. This is the most common use of pppd. This can be done with a command such as: # pppd call VPN-Name or # pon VPN-Name If everything is went correctly you should be online and ppp0 should be up. Remote server will assign IP address and other routing information. Here is the message from my /var/log/messages file: # tail -f /var/log/messages

Disconnect PPTP server vpn connection

Simply kill pppd service, enter: # killall pppd or # poff VPN-Name