coverup

VPN configuration. Anyone?


I am pulling my hair out trying to connect to the VPN server at work. Is it possible at all? I have the VPN server name, I know it has to be a PPTP tunnel, and I have access credentials. In Windows that's sufficient, and I connect with no problem. Not so easy in Mandriva.

The infamous drakvpn does not have an option for PPTP config, so that's a no-go for me. I tried kvpnc and pptp-command but could not connect either.

I googled a lot and followed all possible advice. In fact, my attempts to connect via VPN from a Linux box have been futile for a number of years, and every newest and greatest version of Linux I tried was unable to cope with such a routine task! Any help please?

Edited by coverup


I've been using pptpconfig for connecting to my VPN and I had a few issues. Mainly because I had to type my username exactly as it appeared (case-sensitive). I also had to ensure that the route was correctly configured in pptpconfig for it to connect and work.

Maybe have a go with pptpconfig?


pptpconfig is like a GUI app where you create a VPN connection and launch it from pptpconfig. I have it under CentOS 5, so I don't know for sure if it's available in Mandriva repos but it could be.


Thanks, Ian.

It is not available for Mandriva 2008.0 as far as I can tell. The latest version on SourceForge is dated 2006; I am wondering if this project is alive at all ;-).

Anyway, I made some progress... I was able to connect from the CLI by manually configuring chap-secrets and starting the tunnel by hand. At least it worked from my office. But not providing the PPTP option in vpndrake is beyond my understanding. That's another BIG naught to Mandriva 2008.0. The first one is for not including WPA-EAP.

Now, what rule do I need to add to the shorewall rules to allow me to connect to work? The shorewall documentation is not for the fainthearted :-), I just want to connect to my server at work, that's all. :lol2:


Are you wanting shorewall to automatically open the VPN tunnel? Or will you do this manually, and then just have an iptables/shorewall rule filtering traffic for that subnet across the ppp0 link to the office?

Because I've no idea how to get shorewall to automatically open the VPN link. However, if you've initiated the ppp connection automatically, and this particular machine is a gateway for all the others, then you'd need a route command for routing it to the ppp0 connection (VPN) and then you'd need the firewall rule to decide which ports you want to allow to go to the office.

Also, if you install webmin, you can use this via web browser to create rules. It makes it a bit easier than typing them from the CLI.


I start ppp manually. I don't mind adding the rule by hand - presumably, it's just one line? The client is a laptop, I am connected to the internet via the D-Link router and a cable modem (PPPoE).

I am starting to think that this is not a firewall problem, but something related to routing. Shorewall blocked traffic on only one occasion. After I stopped and then enabled shorewall, messages from it stopped. I still cannot connect to the Exchange server at work regardless of whether shorewall is on or off.

After the connection is established, I can see that the routing table changes to

# route -n
Kernel IP routing table
Destination      Gateway         Genmask         Flags Metric Ref    Use Iface
xxx.yyy.zzz.90   0.0.0.0         255.255.255.255 UH    0      0        0 ppp0
192.168.0.0      0.0.0.0         255.255.255.0   U     0      0        0 wlan0
0.0.0.0          192.168.0.1     0.0.0.0         UG    0      0        0 wlan0

where xxx.yyy.zzz.90 is the address of the gateway. Also, ifconfig shows that the ppp interface is up

ppp0	  Link encap:Point-to-Point Protocol
	  inet addr:xxx.yyy.zzz.92  P-t-P:xxx.yyy.zzz.90  Mask:255.255.255.255
	  UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1000  Metric:1
	  RX packets:12 errors:1 dropped:0 overruns:0 frame:0
	  TX packets:11 errors:0 dropped:0 overruns:0 carrier:0
	  collisions:0 txqueuelen:3
	  RX bytes:261 (261.0 b)  TX bytes:134 (134.0 b)

This tells me that the tunnel is established OK. However, I cannot connect to the Exchange server on the xxx.yyy.0.0 network - I am prompted to type in the password, and then I get an error message saying that the authentication failed.
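
Added example (not part of the original posts): a check of which interface a destination would use given `route -n` output like the table posted above, which lists only a host route for the PPTP peer on ppp0 and a default route on wlan0. The addresses 10.8.3.90 and 10.8.0.25 are constructed stand-ins for the masked peer and an office host, and the function names `route_iface` and `via_tunnel` are hypothetical.

```shell
#!/bin/sh
# Constructed `route -n` output shaped like the table in the post. 10.8.3.90
# stands in for the masked peer xxx.yyy.zzz.90 (assumption, not a real value).
SAMPLE_ROUTES='Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.8.3.90       0.0.0.0         255.255.255.255 UH    0      0        0 ppp0
192.168.0.0     0.0.0.0         255.255.255.0   U     0      0        0 wlan0
0.0.0.0         192.168.0.1     0.0.0.0         UG    0      0        0 wlan0'

# route_iface IP: read `route -n` text on stdin and print the interface the
# kernel would use for IP (the matching route with the longest netmask wins).
route_iface() {
    awk -v ip="$1" '
    function ip2int(s,   p) {
        split(s, p, ".")
        return ((p[1] * 256 + p[2]) * 256 + p[3]) * 256 + p[4]
    }
    # Netmasks are contiguous, so masking equals rounding down to block size.
    function net_of(addr, mask,   size) {
        size = 4294967296 - mask
        return addr - (addr % size)
    }
    BEGIN { target = ip2int(ip); best = -1 }
    $1 ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ && NF >= 8 {
        dst = ip2int($1); mask = ip2int($3)
        if (net_of(target, mask) == net_of(dst, mask) && mask > best) {
            best = mask; iface = $NF
        }
    }
    END { if (iface == "") exit 1; print iface }
    '
}

# via_tunnel IP [IFACE]: succeed only if IP is routed over the tunnel (ppp0).
via_tunnel() {
    [ "$(route_iface "$1")" = "${2:-ppp0}" ]
}

# 10.8.0.25 is a constructed stand-in for a host on the office network.
for host in 10.8.3.90 10.8.0.25 192.168.0.10; do
    if printf '%s\n' "$SAMPLE_ROUTES" | via_tunnel "$host"; then
        echo "$host: via ppp0 (inside the tunnel)"
    else
        echo "$host: NOT via ppp0 (bypasses the tunnel)"
    fi
done
```

On a live system, piping `route -n` into `via_tunnel` with an office host's address runs the same check against the real table.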
