HAMNET PPTP VPN with Linux

This page describes how to set up a Linux computer for a permanent HAMNET VPN connection via PPTP.

1. Install PPTP Client

sudo apt-get install pptp-linux

2. Create config file

sudo nano /etc/ppp/peers/hamnetdb0sda

### HAMNET VPN Server
pty "pptp vpn.afu.rwth-aachen.de --nolaunchpppd --nobuffer --timeout 10"
### FOR SPECIAL FIXED IP accounts use hamnet.afu.rwth-aachen.de instead of vpn.afu.rwth-aachen.de
### PPTP - Loginname
name YOURLOGINNAME
### Restart after losing the connection
persist
### MTU has to be smaller than 1500, as the PPTP encapsulation adds overhead to every packet
mtu 1400
# Terminate after n consecutive failed connection attempts.
# A value of 0 means no limit. The default value is 10.
maxfail 0
### Misc.
remotename PPTP
lock
noauth
refuse-eap
nobsdcomp
nodeflate
#end

3. Make or edit the password storage file

sudo nano /etc/ppp/chap-secrets

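Add a line like the one below. The client column must be the same login name as the name option in the config file from step 2, and the server column must match its remotename option:

# Secrets for authentication using CHAP
# client server secret IP addresses
YOURLOGINNAME PPTP THISISYOURPW *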

Then make sure only root can read your password:

sudo chmod 600 /etc/ppp/chap-secrets
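
A pre-flight check for steps 2 and 3, as an added example that is not part of the original instructions: it verifies that the secrets file grants nothing to group or others and that it holds an entry whose client and server columns match the name and remotename options of the config file. The function names, the login examplelogin and the temporary sample files are constructed for illustration; GNU stat and unquoted names are assumed.

```shell
#!/bin/sh
# Added example: pre-flight check for the files from steps 2 and 3.
# Assumes GNU stat (Linux) and unquoted names in both files.

# Print the argument of a pppd option such as "name" from a peers file.
peer_option() {            # $1 = option, $2 = peers file
    awk -v opt="$1" '$1 == opt { print $2; exit }' "$2"
}

# Succeed only if the secrets file grants no access to group or others.
secrets_private() {        # $1 = chap-secrets file
    mode=$(stat -c '%a' "$1") || return 2
    if [ $(( 0$mode & 077 )) -ne 0 ]; then
        echo "$1: mode $mode gives group/others access to the password" >&2
        return 1
    fi
}

# Succeed if a non-comment line has client == name and server == remotename
# (or "*"), which is how pppd selects the secret for this peer.
secret_matches_peer() {    # $1 = peers file, $2 = chap-secrets file
    client=$(peer_option name "$1")
    server=$(peer_option remotename "$1")
    if [ -z "$client" ] || [ -z "$server" ]; then
        echo "$1: name or remotename option missing" >&2
        return 2
    fi
    awk -v c="$client" -v s="$server" '
        $1 ~ /^#/ { next }
        $1 == c && ($2 == s || $2 == "*") { found = 1 }
        END { exit !found }' "$2"
}

# Constructed sample files (not real credentials) so the check runs offline.
demo=$(mktemp -d)
printf 'name examplelogin\nremotename PPTP\npersist\n' > "$demo/peer"
printf '# client server secret IP addresses\nexamplelogin PPTP example-pw *\n' > "$demo/secrets"
chmod 644 "$demo/secrets"   # the permissive mode that step 3 corrects

secrets_private "$demo/secrets" 2>/dev/null || echo "mode 644: rejected"
chmod 600 "$demo/secrets"
secrets_private "$demo/secrets" && echo "mode 600: ok"
secret_matches_peer "$demo/peer" "$demo/secrets" && echo "name/remotename match"
rm -rf "$demo"
```

To check the real files, call the two functions as root with /etc/ppp/peers/hamnetdb0sda and /etc/ppp/chap-secrets as arguments.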

4. Try the VPN-Tunnel

Start with: sudo pon hamnetdb0sda

You should see a ppp0 device in sudo ifconfig now.

ping 44.148.186.1 should also work. For a SPECIAL FIXED IP account the IP is 44.225.166.1.

Stop the tunnel with: sudo poff hamnetdb0sda

5. Make scripts to add the route to 44.0.0.0/8 via the VPN tunnel

Add a script named hamnetdb0sda to /etc/ppp/ip-up.d. It's important you keep this filename, so the pptp program can identify it to run it with your configuration.

sudo nano /etc/ppp/ip-up.d/hamnetdb0sda

#!/bin/bash
#
# Help - Text:
# ---------------------------------------------------------------
# This script is called with the following arguments:
# Arg Name Example
# $1 Interface name ppp0
# $2 The tty ttyS1
# $3 The link speed 38400
# $4 Local IP number 12.34.56.78
# $5 Peer IP number 12.34.56.99
# $6 Optional ''ipparam'' value foo
# ---------------------------------------------------------------

# Nothing to do when the loopback interface is configured.
if [ "$1" = "lo" ]; then
    exit 0
fi

if [ "$1" = "ppp0" ]; then
# Alternative test; requires "ipparam hamnetdb0sda" in the peers file:
#if [ "$6" = "hamnetdb0sda" ]; then

    # Log a timestamped message, then add the route through the tunnel
    echo "$(date '+%b %e %H:%M:%S') HAMNET VPN: PPTP - ipparam: $6 Interface goes up ($1)." \
        "Now adding routing..." >> /var/log/messages
    route add -net 44.0.0.0/8 gw 44.148.186.1 "$1"
    #FOR SPECIAL FIXED IP ACCOUNTS USE route add -net 44.0.0.0/8 gw 44.225.166.1 $1
fi

exit 0

Add a script named hamnetdb0sda to /etc/ppp/ip-down.d. It's important you keep this filename, so the pptp program can identify it to run it with your configuration.

sudo nano /etc/ppp/ip-down.d/hamnetdb0sda

#!/bin/bash
#
# Help - Text:
# ---------------------------------------------------------------
# This script is called with the following arguments:
# Arg Name Example
# $1 Interface name ppp0
# $2 The tty ttyS1
# $3 The link speed 38400
# $4 Local IP number 12.34.56.78
# $5 Peer IP number 12.34.56.99
# $6 Optional ''ipparam'' value foo
# ---------------------------------------------------------------

# Nothing to do when the loopback interface is deconfigured.
if [ "$1" = "lo" ]; then
    exit 0
fi

if [ "$1" = "ppp0" ]; then
# Alternative test; requires "ipparam hamnetdb0sda" in the peers file:
#if [ "$6" = "hamnetdb0sda" ]; then

    # Log a timestamped message, then remove the route through the tunnel
    echo "$(date '+%b %e %H:%M:%S') HAMNET VPN: PPTP - ipparam: $6 Interface goes down ($1)." \
        "Now removing routing..." >> /var/log/messages
    route del -net 44.0.0.0/8 gw 44.148.186.1 "$1"
    #FOR SPECIAL FIXED IP ACCOUNTS USE route del -net 44.0.0.0/8 gw 44.225.166.1 $1
fi

exit 0

Make both scripts executable:

sudo chmod 750 /etc/ppp/ip-up.d/hamnetdb0sda
sudo chmod 750 /etc/ppp/ip-down.d/hamnetdb0sda

6. Try the tunnel with activated routing

Start with: sudo pon hamnetdb0sda

Type sudo route -n and check that there is a route for 44.0.0.0 with subnet mask 255.0.0.0 to 44.148.186.1 on device ppp0.

For SPECIAL FIXED IP accounts the gateway is 44.225.166.1.

Stop the tunnel with: sudo poff hamnetdb0sda

7. Create a systemd service file for easy control of the tunnel and auto-start on boot

sudo nano /etc/systemd/system/hamnetvpn.service

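[Unit]
Description=PPTP HAMNET link to DB0SDA
# Pull in network-online.target and start only after it has been reached
Wants=network-online.target
After=network-online.target

[Service]
Type=forking
ExecStart=/usr/bin/pon hamnetdb0sda
ExecStop=/usr/bin/poff hamnetdb0sda
ExecReload=/usr/bin/poff -r hamnetdb0sda

[Install]
# An enabled service is started as part of the normal multi-user boot.
# WantedBy=network-online.target together with After=network-online.target
# would form an ordering cycle.
WantedBy=multi-user.target

Reload the systemd configuration with sudo systemctl daemon-reload.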

Now you can use

sudo systemctl status hamnetvpn.service to check the status,

sudo systemctl start hamnetvpn.service to start the tunnel,

sudo systemctl stop hamnetvpn.service to stop the tunnel,

sudo systemctl enable hamnetvpn.service to start the tunnel automatically at boot time,

sudo systemctl disable hamnetvpn.service to not start the tunnel automatically at boot time.

8. Reboot and feel happy