pty \"pptp SERVER-IP --nolaunchpppd\"\r\nname LOGIN\r\nremotename PPTP\r\nrequire-mppe-128\r\nfile \/etc\/ppp\/options.pptp\r\nipparam my-tunnel<\/pre>\nwhere LOGIN is your PPTP login.<\/p>\n
Put Microsoft CHAP parameters in \/etc\/ppp\/chap-secrets file :<\/p>\n
LOGIN PPTP PASSWORD *<\/pre>\nwhere PASSWORD is your PPTP password.<\/p>\n
Then, PPTP connection is ready.
\nAdd it in interfaces file :<\/p>\n
auto mobile\r\niface mobile inet ppp\r\nprovider my-tunnel\r\nup sleep 10 && route add -net 192.168.x.0\/24 dev ppp0\r\nup route add -net 192.168.y.0\/24 dev ppp0\r\nup \/etc\/init.d\/firewall start<\/pre>\nIn this example, 192.168.x.0\/24 and 192.168.y.0\/24 are in VPN network.<\/p>\n
And \/etc\/init.d\/firewall file is easy IPTables script :<\/p>\n
#!\/bin\/sh\r\n\r\n# just route it !\r\necho 1 > \/proc\/sys\/net\/ipv4\/ip_forward\r\necho 0 > \/proc\/sys\/net\/ipv4\/tcp_ecn\r\niptables -t nat -D POSTROUTING -o ppp0 -j MASQUERADE\r\niptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE\r\n\r\n# MTU in tunnel (only for Windows machines... strange)\r\niptables -D FORWARD -p tcp --tcp-flags SYN,RST SYN --jump TCPMSS --clamp-mss-to-pmtu\r\niptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN --jump TCPMSS --clamp-mss-to-pmtu<\/pre>\n(update : I use now \"--set-mss 294\" option after some problems with \"--clamp-mss-to-pmtu\")<\/pre>\niptables -L --line-numbers\r\niptables -L -t nat --line-numbers<\/pre>\nThen, to enable or disable your PPTP VPN Gateway :<\/p>\n
# ifup mobile\r\n# ifdown mobile<\/pre>\n","protected":false},"excerpt":{"rendered":"PPTP VPN gateway can avoid various constraints : single connection, delay for switching VPN between two hosts, etc. Here is an easy solution : – Install Debian with ppp and pptp-linux packages – RTFM and create \/etc\/ppp\/options.pptp file : lock noauth nobsdcomp nodeflate And \/etc\/ppp\/peers\/my-tunnel file : pty “pptp SERVER-IP –nolaunchpppd” name LOGIN remotename PPTP […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6,3,7],"tags":[],"class_list":["post-18","post","type-post","status-publish","format-standard","hentry","category-debian","category-english","category-network"],"_links":{"self":[{"href":"https:\/\/gcolpart.evolix.net\/blog21\/wp-json\/wp\/v2\/posts\/18","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/gcolpart.evolix.net\/blog21\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/gcolpart.evolix.net\/blog21\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/gcolpart.evolix.net\/blog21\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/gcolpart.evolix.net\/blog21\/wp-json\/wp\/v2\/comments?post=18"}],"version-history":[{"count":0,"href":"https:\/\/gcolpart.evolix.net\/blog21\/wp-json\/wp\/v2\/posts\/18\/revisions"}],"wp:attachment":[{"href":"https:\/\/gcolpart.evolix.net\/blog21\/wp-json\/wp\/v2\/media?parent=18"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/gcolpart.evolix.net\/blog21\/wp-json\/wp\/v2\/categories?post=18"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/gcolpart.evolix.net\/blog21\/wp-json\/wp\/v2\/tags?post=18"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}