[pptp-server] It Works!: RedHat 6.0 instructions
Michael Barsalou
mjbarsalou at attglobal.net
Mon Jan 31 13:28:48 CST 2000
I would like to request that these instructions get added to the distribution if the
maintainers are so inclined. I will be happy to maintain this set of instructions.
These are the steps that should work for installing PoPTop on a stock RedHat 6.0 box.
Note: [] are example commands to run
Get the following files from the RedHat (ftp.redhat.com) site or suitable mirror:
ftp://ftp.redhat.com/redhat/redhat-6.1/i386/RedHat/RPMS/
kernel-headers-2.2.12-20.i386.rpm
kernel-source-2.2.12-20.i386.rpm
kernel-2.2.12-20.i386.rpm
ppp-2.3.10-1.i386.rpm
*NOTE* before performing the next step make sure you have access to a boot floppy or can
access the old kernel.
Upgrade your 2.2.5-15 kernel to 2.2.12-20:
[rpm -Uvvh kernel-2.2.12-20.i386.rpm]
Change lilo.conf to access your old and new kernel then issue this command:
[/sbin/lilo]
Upgrade ppp:
[rpm -Uvvh ppp-2.3.10-1.i386.rpm]
Grab the PoPToP rpm and init file:
http://www.moretonbay.com/vpn/releases/pptpd-1.0.0-1.i386.rpm
http://www.moretonbay.com/vpn/releases/pptpd.init
Store the pptpd.init file in the /etc/rc.d/init.d directory and make sure permissions are set
correctly.
Edit the pptpd.init file: There is some bad text on one of the comment lines
and you need to start the pptpd deamon with this command:
/usr/sbin/pptpd -d
Rpm the PoPTop Server:
[rpm -ivvh pptpd-1.0.0-1.i386.rpm]
Setup your chap-secrets file.
Your options file in /etc/ppp/ should at a minimum have the following:
lock
debug
auth
+chap
proxyarp
at this point vpn should be working without encryption
If you want to add encryption do the following below:
1. Grab yourself a clean copy of the PPP deamon v2.3.10 (ppp-2.3.10.tar.gz).
I usually go here for my PPP files: ftp://cs.anu.edu.au/pub/software/ppp/
Note: You must get the tarball (tar.gz) and *not* the RPM.
2. Grab youself the MSCHAP/MPPE patch file from:
http://www.moretonbay.com/vpn/releases/ppp-2.3.10-openssl-norc4-mppe.patch.gz
3. Grab yourself the SSLeay-0.6.6b file from:
ftp://ftp.psy.uq.oz.au/pub/Crypto/SSL/SSLeay-0.6.6b.tar.gz
4. You should now have 3 files:
ppp-2.3.10.tar.gz
ppp-2.3.10-openssl-norc4-mppe.patch.gz
SSLeay-0.6.6b.tar.gz
Copy these files to your preferred location (RedHat uses /usr/src/redhat/SOURCES)
Assuming your files are in /usr/src/redhat/SOURCES and your current
working directory is the same, do the following:
[tar -zxvf ppp-2.3.10.tar.gz]
[tar -zxvf ppp-2.3.10-openssl-norc4-mppe.patch.gz
[tar -zxvf SSLeay-0.6.6b.tar.gz]
[cp SSLeay-0.6.6b/crypto/rc4/rc4.h ppp-2.3.10/linux/]
[cp SSLeay-0.6.6b/crypto/rc4/rc4_enc.c ppp-2.3.10/linux/]
[cd ppp-2.3.10] # should now be in /usr/local/redhat/SOURCES/ppp-2.3.10
[patch -p1 < ../ppp-2.3.10-openssl-norc4-mppe.patch]
Comment out the reference to rc4_skey.c in
/usr/src/redhat/SOURCES/ppp-2.3.10/linux/ppp_mppe.c
Evidently it is not needed.
Now rpm the kernel files we downloaded earlier:
[rpm -ivvh kernel-headers-2.2.12-20.i386.rpm]
[rpm -ivvh kernel-source-2.2.12-20.i386.rpm]
[cd /usr/src/linux]
[make menuconfig] # Unless you have a special setup you probably will not need
to change any of the settings. Just do this so that you can save the config for later steps
[cd /usr/src/redhat/SOURCES/ppp-2.3.10]
[./configure]
[make]
[make kernel]
[make install]
[cd /usr/src/linux]
[make modules SUBDIRS=drivers/net]
[make modules_install]
Add to your options file (/etc/ppp/options):
+chapms
+chapms-v2
mppe-40
mppe-128
mppe-stateless
Edit /etc/inittab and comment out the reference to pptpd. We will use the pptpd daemon.
[init Q]
Edit the /etc/conf.modules (or modules.conf) with the following info:
alias char-major-108 off
alias ppp-compress-18 ppp_mppe
alias ppp-compress-21 bsd_comp
alias ppp-compress-24 ppp_deflate
alias ppp-compress-26 ppp_deflate
[modprobe -r ppp]
# if necessary remove the following modules by hand
[rmmod ppp]
[rmmod slhc]
[rmmod bsd_comp]
[rmmod ppp_deflate]
# now get things rolling
[depmod -a]
[modprobe ppp]
That should do it. Don't forget to make a link to the pptpd.init in whatever
runlevel your using. We use runlevel 3 so make a link like this:
[ln -s /etc/rc.d/init.d/pptpd.init /etc/rc.d/rc3.d/S52pptpd]
Michael Barsalou
mjbarsalou at ibm.net
More information about the pptp-server
mailing list