Online documentation - ONE WAY satellite Internet - Linux VPN setup
***********************************************************************
*** CONFIGURATION DOCUMENTATION FOR CONNECTING TO VPN-BizarNet ***
*** Linux ***
*** Made By Marius Lazaroi (lmarius@elcom.ro) ***
***********************************************************************
You can get the text version of this documentation from here.
The following packages are required to configure the VPN on Linux:
ppp-mppe-2.4.0-4.i386.rpm
pptp-linux-1.0.3-1.i386.rpm
(for RedHat), or the sources for other systems.
Install the two packages with:
rpm -i --force ppp-mppe-2.4.0-4.i386.rpm
and
rpm -i pptp-linux-1.0.3-1.i386.rpm
After installing the packages, configure them:
[root@test]# pptp-command
1.) start
2.) stop
3.) setup
4.) quit
What task would you like to do?: 3
1.) List CHAP secrets
2.) Add a New CHAP secret
3.) Delete a CHAP secret
4.) List PPTP Tunnels
5.) Add a NEW PPTP Tunnel
6.) Delete a PPTP Tunnel
7.) Configure resolv.conf
8.) Select a default tunnel
9.) Quit
?: 5
Add a NEW PPTP Tunnel.
1.) Other
Which configuration would you like to use?: 1
Tunnel Name: [test] --- replace with whatever name you want for the tunnel
Server IP: 1.1.1.1 --- replace with the address of the VPN server
What route(s) would you like to add when the tunnel comes up?
This is usually a route to your internal network behind the PPTP server.
You can use TUNNEL_DEV and DEF_GW as in /etc/pptp.d/ config file
TUNNEL_DEV is replaced by the device of the tunnel interface.
DEF_GW is replaced by the existing default gateway.
The syntax to use is the same as the route(8) command.
Enter a blank line to stop.
route:
Local Name and Remote Name should match a configured CHAP secret.
Local Name is probably your NT domain\username.
NOTE: Any backslashes (\) must be doubled (\\).
Local Name: username - replace with the user name you were given
Remote Name [PPTP]: 1.1.1.1 - replace with the address of the VPN server
Adding test - 1.1.1.1 - username - test
If you get an error such as
Insecure dependency in open while running with -T switch
at /usr/sbin/pptp-command line 181, STDIN line 8.
edit the file /usr/sbin/pptp-command and remove the -T switch (Perl's taint-checking mode) from the first line
#!/usr/bin/perl -wT
Then restart the configuration from the beginning:
[root@test]# pptp-command
1.) start
2.) stop
3.) setup
4.) quit
What task would you like to do?: 3
1.) List CHAP secrets
2.) Add a New CHAP secret
3.) Delete a CHAP secret
4.) List PPTP Tunnels
5.) Add a NEW PPTP Tunnel
6.) Delete a PPTP Tunnel
7.) Configure resolv.conf
8.) Select a default tunnel
9.) Quit
?: 5
Add a NEW PPTP Tunnel.
1.) Other
Which configuration would you like to use?: test
Argument "test" isn't numeric in numeric eq (==) at /usr/sbin/pptp-command line 350, STDIN line 3.
Use of uninitialized value in hash element at /usr/sbin/pptp-command line 372, STDIN line 3.
Use of uninitialized value in hash element at /usr/sbin/pptp-command line 372, STDIN line 3.
Use of uninitialized value in hash element at /usr/sbin/pptp-command line 373, STDIN line 3.
Use of uninitialized value in array dereference at /usr/sbin/pptp-command line 373, STDIN line 3.
Local Name and Remote Name should match a configured CHAP secret.
Local Name is probably your NT domain\username.
NOTE: Any backslashes (\) must be doubled (\\).
Local Name: username
Remote Name [PPTP]:
[root@xantic ppp]# pptp-command
1.) start
2.) stop
3.) setup
4.) quit
What task would you like to do?: 3
1.) List CHAP secrets
2.) Add a New CHAP secret
3.) Delete a CHAP secret
4.) List PPTP Tunnels
5.) Add a NEW PPTP Tunnel
6.) Delete a PPTP Tunnel
7.) Configure resolv.conf
8.) Select a default tunnel
9.) Quit
?: 5
Add a NEW PPTP Tunnel.
1.) Other
Which configuration would you like to use?: 1
Tunnel Name: test
Server IP: 1.1.1.1
What route(s) would you like to add when the tunnel comes up?
This is usually a route to your internal network behind the PPTP server.
You can use TUNNEL_DEV and DEF_GW as in /etc/pptp.d/ config file
TUNNEL_DEV is replaced by the device of the tunnel interface.
DEF_GW is replaced by the existing default gateway.
The syntax to use is the same as the route(8) command.
Enter a blank line to stop.
route:
Local Name and Remote Name should match a configured CHAP secret.
Local Name is probably your NT domain\username.
NOTE: Any backslashes (\) must be doubled (\\).
Local Name: username
Remote Name [PPTP]: 1.1.1.1
Adding test - 1.1.1.1 - username - 1.1.1.1
Added tunnel test
1.) List CHAP secrets
2.) Add a New CHAP secret
3.) Delete a CHAP secret
4.) List PPTP Tunnels
5.) Add a NEW PPTP Tunnel
6.) Delete a PPTP Tunnel
7.) Configure resolv.conf
8.) Select a default tunnel
9.) Quit
?: 8
1.) default
2.) star
3.) uicont
4.) test
5.) new-tunel
6.) cancel
Which tunnel do you want to be the default?: 4
1.) List CHAP secrets
2.) Add a New CHAP secret
3.) Delete a CHAP secret
4.) List PPTP Tunnels
5.) Add a NEW PPTP Tunnel
6.) Delete a PPTP Tunnel
7.) Configure resolv.conf
8.) Select a default tunnel
9.) Quit
?: q
[root@test/]#
Edit the file /etc/ppp/options and set the following options:
lock
debug
nodetach
require-pap
Edit the file /etc/ppp/pap-secrets and leave only the following line in the file:
username * secrets *
At this point the configuration is complete and you can start the VPN connection:
[root@test/]# pptp-command start default
and the connection is established.
Once the connection is up, the routing table must be changed so that all services work properly over this connection.
All of this can be placed in /etc/ppp/ip-up.local and /etc/ppp/ip-down.local
/etc/ppp/ip-up.local
#!/bin/bash
# 1.1.1.0/24 is the network that contains the VPN server;
# localgw is the address of the local gateway before connecting
/sbin/route add -net 1.1.1.0/24 gw localgw
/sbin/route del default
# ppp0addr is the address received on the ppp link after connecting to the VPN
/sbin/route add default gw ppp0addr
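The routing changes above as a complete ip-up.local / ip-down.local pair (an added example, not part of the original documentation). It assumes the script receives pppd's standard ip-up arguments, takes ppp0addr to be the peer address in $5, and uses a hypothetical state file /var/run/vpn-localgw to remember localgw; the same file is installed under both names.

```shell
#!/bin/sh
# Added example. Install this same file as ip-up.local and as ip-down.local.
VPN_NET="1.1.1.0/24"               # VPN server's network (sample value from the page)
STATE_FILE="/var/run/vpn-localgw"  # hypothetical path: remembers the pre-VPN gateway
# Constructed sample of `route -n` output, for offline dry runs.
SAMPLE_ROUTES='192.168.0.0     0.0.0.0         255.255.255.0   U     0 0 0 eth0
0.0.0.0         192.168.0.1     0.0.0.0         UG    0 0 0 eth0'

# With DRY_RUN set, print each command instead of executing it.
run() {
    if [ -n "${DRY_RUN:-}" ]; then echo "$*"; else "$@"; fi
}

# Read `route -n` output on stdin and print the current default gateway.
default_gw() {
    awk '$1 == "0.0.0.0" && $4 ~ /G/ { print $2; exit }'
}

# $1 = pre-VPN gateway (localgw), $2 = PPP peer address (ppp0addr)
vpn_up() {
    [ -n "$1" ] && [ -n "$2" ] || return 1   # never drop the default route blindly
    run /sbin/route add -net "$VPN_NET" gw "$1"   # keep the VPN server reachable
    run /sbin/route del default
    run /sbin/route add default gw "$2"
}

# $1 = pre-VPN gateway saved when the link came up
vpn_down() {
    [ -n "$1" ] || return 1
    run /sbin/route del -net "$VPN_NET" gw "$1"
    run /sbin/route add default gw "$1"
}

# pppd passes: $1 interface, $2 tty, $3 speed, $4 local IP, $5 remote IP.
case "${0##*/}" in
ip-up.local)
    gw=$(/sbin/route -n | default_gw)
    [ -n "$gw" ] || exit 1
    echo "$gw" > "$STATE_FILE"
    vpn_up "$gw" "$5"
    ;;
ip-down.local)
    vpn_down "$(cat "$STATE_FILE" 2>/dev/null)"
    ;;
esac
```

Sourcing the file with DRY_RUN=1 set and calling vpn_up or vpn_down prints the route commands without touching the routing table.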
We thank Marius Lazaroi for the support provided through this documentation.