[pptp-server] It Works!: RedHat 6.0 instructions

Michael Barsalou mjbarsalou at attglobal.net
Mon Jan 31 13:28:48 CST 2000 

I would like to request that these instructions get added to the distribution if the
maintainers are so inclined.  I will be happy to maintain this set of instructions.


These are the steps that should work for installing PoPTop on a stock RedHat 6.0 box.

Note: [] are example commands to run 
Get the following files from the RedHat (ftp.redhat.com) site or suitable mirror:

ftp://ftp.redhat.com/redhat/redhat-6.1/i386/RedHat/RPMS/

	kernel-headers-2.2.12-20.i386.rpm 
	kernel-source-2.2.12-20.i386.rpm
	kernel-2.2.12-20.i386.rpm
	ppp-2.3.10-1.i386.rpm

*NOTE* before performing the next step make sure you have access to a boot floppy or can 
access the old kernel.

Upgrade your 2.2.5-15 kernel to 2.2.12-20:
	[rpm -Uvvh kernel-2.2.12-20.i386.rpm]
Change lilo.conf to access your old and new kernel then issue this command:
	[/sbin/lilo]
Upgrade ppp:
	[rpm -Uvvh ppp-2.3.10-1.i386.rpm]

Grab the PoPToP rpm and init file:
	http://www.moretonbay.com/vpn/releases/pptpd-1.0.0-1.i386.rpm
	http://www.moretonbay.com/vpn/releases/pptpd.init 
Store the pptpd.init file in the /etc/rc.d/init.d directory and make sure permissions are set 
correctly.
Edit the pptpd.init file:  There is some bad text on one of the comment lines 
and you need to start the pptpd deamon with this command:

	/usr/sbin/pptpd -d
	
Rpm the PoPTop Server:
	[rpm -ivvh pptpd-1.0.0-1.i386.rpm]
	
Setup your chap-secrets file.
Your options file in /etc/ppp/ should at a minimum have the following:
	
	lock 
	debug 
	auth 
	+chap 
	proxyarp 


 at this point vpn should be working without encryption

If you want to add encryption do the following below:

1. Grab yourself a clean copy of the PPP deamon v2.3.10 (ppp-2.3.10.tar.gz). 
I usually go here for my PPP files: ftp://cs.anu.edu.au/pub/software/ppp/ 
Note: You must get the tarball (tar.gz) and *not* the RPM.
 
2. Grab youself the MSCHAP/MPPE patch file from: 
	http://www.moretonbay.com/vpn/releases/ppp-2.3.10-openssl-norc4-mppe.patch.gz 
3. Grab yourself the SSLeay-0.6.6b file from: 
	ftp://ftp.psy.uq.oz.au/pub/Crypto/SSL/SSLeay-0.6.6b.tar.gz 
4. You should now have 3 files: 
	ppp-2.3.10.tar.gz 
	ppp-2.3.10-openssl-norc4-mppe.patch.gz 
	SSLeay-0.6.6b.tar.gz 

Copy these files to your preferred location (RedHat uses /usr/src/redhat/SOURCES)
	 
Assuming your files are in /usr/src/redhat/SOURCES and your current 
working directory is the same, do the following: 
[tar -zxvf ppp-2.3.10.tar.gz] 
[tar -zxvf ppp-2.3.10-openssl-norc4-mppe.patch.gz 
[tar -zxvf SSLeay-0.6.6b.tar.gz] 
[cp SSLeay-0.6.6b/crypto/rc4/rc4.h ppp-2.3.10/linux/] 
[cp SSLeay-0.6.6b/crypto/rc4/rc4_enc.c ppp-2.3.10/linux/] 
[cd ppp-2.3.10]	   # should now be in /usr/local/redhat/SOURCES/ppp-2.3.10
[patch -p1 <  ../ppp-2.3.10-openssl-norc4-mppe.patch]

Comment out the reference to rc4_skey.c in 
/usr/src/redhat/SOURCES/ppp-2.3.10/linux/ppp_mppe.c
Evidently it is not needed.
Now rpm the kernel files we downloaded earlier:

	[rpm -ivvh kernel-headers-2.2.12-20.i386.rpm]
	[rpm -ivvh kernel-source-2.2.12-20.i386.rpm]

[cd /usr/src/linux]
[make menuconfig]  # Unless you have a special setup you probably will not need 
to change any of the settings. Just do this so that you can save the config for later steps

[cd /usr/src/redhat/SOURCES/ppp-2.3.10]
[./configure]
[make] 
[make kernel]
[make install]
[cd /usr/src/linux]
[make modules SUBDIRS=drivers/net] 
[make modules_install] 

Add to your options file (/etc/ppp/options):
	+chapms 
	+chapms-v2 
	mppe-40 
	mppe-128 
	mppe-stateless 

Edit /etc/inittab and comment out the reference to pptpd.  We will use the pptpd daemon.

[init Q]

Edit the /etc/conf.modules (or modules.conf) with the following info:

alias char-major-108 off
alias ppp-compress-18 ppp_mppe
alias ppp-compress-21 bsd_comp
alias ppp-compress-24 ppp_deflate
alias ppp-compress-26 ppp_deflate

[modprobe -r ppp]
# if necessary remove the following modules by hand 
[rmmod ppp] 
[rmmod slhc] 
[rmmod bsd_comp] 
[rmmod ppp_deflate] 
# now get things rolling
[depmod -a]
[modprobe ppp]


That should do it.  Don't forget to make a link to the pptpd.init in whatever
runlevel your using.  We use runlevel 3 so make a link like this:

[ln -s /etc/rc.d/init.d/pptpd.init /etc/rc.d/rc3.d/S52pptpd]



Michael Barsalou
mjbarsalou at ibm.net

More information about the pptp-server mailing list