No easy way for PPTP
My day-by-day work demands one constant VPN connection, since I work allocated remotely on our client’s site. Because of some company requirements that connection must be made using PPTP.
Important note: The following is a transcript of my own experience. Not that everyone would have this problem (I’m not sure about this), but that problem really annoyed me for a couple of days.
I had it working quite well with my old Conectiva system, running a PPTP Client package built by myself (contrib). I really can’t remember now why I was not using pptp-php-gtk (can be found on the client site), but the fact is that using
pptp-command to configure my tunnels was doing the job for me.
When I got my new Mandriva system working, I tried to learn the new tools that has been a long time present in old “drak” days. So I checked out drakvpn (part of the DrakXTools package) but unfortunately I could not get it working for me (see bug #16502).
So, if you have the same problem, read on.
I got the pptp-php-gtk package installed (from the contrib media). Still can’t get it working, since it’s very outdated, and has a lot of problems (see bug #16418).
So, my last try was getting it working the the old
pptp-command, since it the never let me down (don’t bother about a post install script failed, as reported in bug #16499). And it really did the job, so I got my tunnel configured, but not working yet. If you check the previously mentioned bug, and also bugs #16419 and #16501, you’re going to see that there are missing options in that would make the MPPE encryption working (required by this tunnel).
After all that, you still have to make Shorewall understand what you want to do with this connection. There is a little howto that could help you with that.
At last, if you want PPTP with MPPE, you need:
a) Install pptp-linux;
b) Configure the tunnel with pptp-command;
/etc/modprobe.conf and insert the line
alias ppp-compress-18 ppp_mppe_mppc;
/etc/ppp/options.pptp and change line 22 to
e) Reconfigure Shorewall.
Now the tunnel is up and running.