VPN
From Oxxus Wiki
Introduction
A virtual private network (VPN) is a computer network that uses the Internet to provide remote offices or individual users with secure access to their organization's network. Through a VPN service, all participants share the same virtual network, as if they were all on the same office LAN (local area network).
Using encryption together with encrypted authentication, a VPN provides a secure cryptographic channel between two or more networked devices that are not on the same private network, keeping the transferred data private from other devices on the intervening local or wide area networks. There are many different classifications, implementations, and uses for VPNs.
One of the most widely used VPN server packages on Linux-based systems is the PopTop service, also known as PPTP.
It's easy to install, configure and maintain.
The Point-to-Point Tunneling Protocol (PPTP) uses a control channel over TCP and a GRE tunnel to encapsulate PPP packets.
All releases of Microsoft Windows since Windows 95 OSR2 are bundled with a PPTP client, although they are limited to only 2 concurrent outbound connections.
On Microsoft Windows, MSCHAPv2 is one of the most used and highly secure authentication mechanisms. It's implemented in PPTP as the default, along with PAP (Password Authentication Protocol), which is plain and has multiple security issues.
Installation of PPTP server
Distributions like Debian and RedHat (CentOS) have prebuilt binaries for installing this service.
For Debian/Ubuntu systems, use the following command from the Linux shell prompt:
apt-get install pptpd
It will install the pptp service. All you have to do is configure it by editing its configuration file and start it up. Your Linux system will then be ready to receive and serve any incoming pptp session.
For RedHat oriented systems, the following command, also issued from the shell prompt, will install the pptp server:
rpm -ivh http://poptop.sourceforge.net/yum/stable/packages/pptpd-1.3.4-2.rhel5.i386.rpm
On all systems, ppp (Point-to-Point Protocol) is required. Use apt-get install ppp for Debian or yum install ppp for RedHat oriented systems.
Configuration
Edit the file /etc/ppp/chap-secrets with nano or any editor you wish to use and define the user accounts.
The file contents should look like the example below:
# Secrets for authentication using CHAP
# client    server    secret      IP addresses
test        *         testPass    *
- Client entry is the username of the account you wish to allow to log in via pptp.
- Server entry should remain * to receive any request.
- Secret entry is the user account's password.
- IP addresses stands for the IP address the user account will come from and request a pptp session.
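The four fields described above can be checked mechanically. The following Python sketch is an added example, not part of the original wiki page or of pppd: it parses text in the chap-secrets layout and reports entries that accept any IP address or use a short secret. The sample entries, the 12-character threshold and the function names are assumptions made for illustration.

```python
import shlex

# Constructed sample in the /etc/ppp/chap-secrets layout shown above.
SAMPLE = '''\
# client    server  secret                IP addresses
test        *       testPass              *
alice       pptpd   "long pass phrase 01" 192.168.0.234
broken      pptpd
'''

MIN_SECRET_LEN = 12  # assumption: local policy threshold, not a pppd setting


def parse_chap_secrets(text):
    """Return (entries, errors) for text in the chap-secrets layout."""
    entries, errors = [], []
    for lineno, line in enumerate(text.splitlines(), 1):
        try:
            # shlex approximates pppd's quoting and '#' comment handling.
            words = shlex.split(line, comments=True)
        except ValueError as exc:  # for example an unbalanced quote
            errors.append((lineno, str(exc)))
            continue
        if not words:
            continue  # blank line or comment
        if len(words) < 3:
            errors.append((lineno, "expected client, server and secret"))
            continue
        entries.append({"line": lineno, "client": words[0], "server": words[1],
                        "secret": words[2], "addresses": words[3:]})
    return entries, errors


def audit(entries):
    """Return (line, client, finding) tuples for entries worth reviewing."""
    findings = []
    for e in entries:
        if "*" in e["addresses"]:
            findings.append((e["line"], e["client"], "any IP address accepted"))
        if len(e["secret"]) < MIN_SECRET_LEN:
            findings.append((e["line"], e["client"], "short secret"))
    return findings


if __name__ == "__main__":
    parsed, problems = parse_chap_secrets(SAMPLE)
    print(audit(parsed), problems)
```

To audit a live server, pass the contents of /etc/ppp/chap-secrets to parse_chap_secrets instead of SAMPLE; the file holds passwords in plain text, so read it as root and do not copy its contents elsewhere.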
Configure IP address range
Edit the file /etc/pptpd.conf for the IP address range, for example:
localip 192.168.0.1
remoteip 192.168.0.234-238,192.168.0.245
Once everything is defined, save the file and you're ready to start the service.
Use the command /etc/init.d/pptpd start.
If everything's installed and configured correctly, you'll have tcp/port 1703 opened for pptp sessions.
PPTP client configuration differs between Windows XP and Win7.
Since these Wiki pages focus on VPS/dedicated server owners and on installing the VPN service on Linux, please refer to the official Windows pages for pptp client configuration instructions.