Weekly sharing
Hi everyone, I am Ekim, a fresh Bootcamp graduate and an IT helper (I don't dare to call myself a programmer yet). Every Friday, I will share some of the work that I've done over the last week in a bid to get feedbacks from you guys and record my journey to become a programmer.
Previously
A wee Asterisk self-signed certificate sharing
Introduction
Recently, I have been working and experimenting on VRRP stuff. Most resources I found on the Internet are related to CISCO, which is not suitable for me. So, I came up with an idea of connecting my ec2 instances through PPTP VPN to achieve VRRP. Things look logical, but I still failed to make the VRRP running. Nevertheless, allow me to share how you could connect a PPTP VPN on Ubuntu without the help of GUI.
PPTP VPN set-up
Since I am using an ASUS router, it is pretty easy to set up a PPTP VPN server.
Ubuntu PPTP VPN connection
Connecting VPN with GUI is pretty easy. However, as I am working on a headless Ubuntu, I need to do the configurations myself. Here is what I found online, which is very useful.
Installation of PPTP client
# Installation of PPTP client
apt-get update
apt-get upgrade
apt-get autoclean
apt-get install pptp-linux
Options set-up
# options set-up
cd /etc/ppp/
vim options
# --------- options ---------
# Lock the port
lock
# We don't need the tunnel server to authenticate itself
noauth
# Turn off compression protocols we know won't be used
nobsdcomp
nodeflate
# We won't do PAP, EAP, CHAP, or MSCHAP, but we will accept MSCHAP-V2
# (you may need to remove these refusals if the server is not using MPPE)
refuse-pap
refuse-eap
refuse-chap
refuse-mschap
# --------- options ---------
chap-secrets set-up
# chap-secrets set-up
chmod 0600 /etc/ppp/chap-secrets
vim /etc/ppp/chap-secrets
# --------- chap-secrets ---------
# Secrets for authentication using CHAP
# client server secret IP addresses
<username> PPTP <password> *
# --------- chap-secrets ---------
# username and password are your VPN login name and password set in the PPTP server via your router
# remember to use double quote for both of your username and password
tunnel name
# giving name for your vpn connection
touch /etc/ppp/peers/vpn # I want my vpn connection called "vpn"
vim /etc/ppp/peers/vpn
# --------- tunnel ---------
pty "pptp <server> --nolaunchpppd"
name <username>
remotename PPTP
require-mppe-128
file /etc/ppp/options
ipparam <tunnel>
# --------- tunnel ---------
# server means the remote address of the VPN server (I used my own public IP)
# tunnel means the name of the connection, which is "vpn" in this example
# remember to use double quote for both of your username
Implementation
# Connect
sudo pon vpn # start PPTP VPN connection4
# Check
ip addr
# you should see a ppp0 interface with a subnet address
# ppp0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1446 qdisc fq_codel state UNKNOWN group default qlen 3
# link/ppp
# inet 192.168.10.9 peer 192.168.1.1/32 scope global ppp0
# valid_lft forever preferred_lft forever
# Disconnect
sudo poff vpn # turn off the PPTP VPN connection
Routing of servers
If you have multiple devices using the VPN, it does not mean that they could connect with each other automatically. When you ping from one device to another, you would receive no response as the routing has not yet been set up.
Therefore, you may need to add the following command in your devices
# Route all the traffic with a destination of 192.168.10. through ppp0 interface
ip route add 192.168.10.0/24 dev ppp0
Conclusion
Hardly could I find resources on VPN connection fully with command lines. I hope you would somehow find this sharing useful. That's all for today. See you next time.
Top comments (0)