Configure pptpd vpn with ms-chapv2 and mppe on Ubuntu
We've installed a NAT+VPN to get rid of Microsoft's one, and implemented the same functionality with PoPToP version 1.3.0.
The necessary settings are the following:
1) try if you have the necessary kernel modules (in Ubuntu 6.10, all is included. if you don't have them, you're doomed - you need to re-compile your kernel)
modprobe ppp_mppe
modprobe ip_gre
if the reply is the well known unix's golden silence, you need to add the modules to /etc/modules:
ppp_mppe
ip_gre
to have it loaded, and reboot.
2) Install pptpd
apt-get install pptpd
3) in /etc/pptpd.conf, have the following:
option /etc/ppp/options.pptpd
speed 115200
localip 10.1.1.10 #our eth0
remoteip 10.1.1.228-238 #our ip stack
listen xx.xx.xx.250 #our eth1
4) change /etc/ppp/options to the following:
lock
noauth
refuse-eap
refuse-chap
refuse-mschap
nobsdcomp
nodeflate
require-mppe-128
5) in /etc/ppp/pap-secrets, don't forget to add the blank user and password
* *
4) use the following settings in /etc/ppp/options.pptp:
lock
name pptpd
proxyarp
asyncmap 0
-chap
-mschap
+mschap-v2
require-mppe
lcp-echo-failure 30
lcp-echo-interval 5
ipcp-accept-local
ipcp-accept-remote
This setup will work with any Windows 2000/XP client, and all pptp configs on Linuxes. (with regards to http://poptop.sourceforge.net/dox/radius_mysql.html)
Enjoy ;)