Topic: VPN-Masquerading

[Robert de Graaf]

I am attempting to establish a vpn connection between two
e-smith servers, both running 4.1. The workstations are Windows 2000 Pro.
The 4.1 servers are connected to the internet by a cable modem.

I know i have to enable PPTP masquerade, because that is not a not a feature of e-smith 4.1. Only problem is, i do not know exactly how to do that.

On the following page there is a lot of info about applying some patches and
recompiling the kernel:
http://www.impsec.org/linux/masquerade/ip_masq_vpn.html

I still don't know how to get this all working.

Can someone please tell me step by stepp how to get VPN-masquerading working
in 4.1?

Perhaps it's a good add-on for the next release!!

[Tim Larson]

In E-smith 4.1, I did a bit of poking around in the modules directory (/lib/modules/2.2.16-22) and in the ipv4 subdirectory I found a module by the name of ip_masq_pptp.o

It may be that you don't have to do any work at all - none of that mess of recompiling the kernel - just try the following command as root (be sure to log in at the console or over ssh as root, not as admin):
   /sbin/insmod /lib/modules/uname -r/ipv4/ip_masq_pptp.o

This looks like it's too easy to be true, but that seems to be the whole e-smith philosophy, so I'd say give it a try.

Please let me know if this actually worked.  I'm using a redhat box that I spent forever on patching the kernel for this and various other things, and I'm considering replacing it with an e-smith box.

     Tim Larson

[Robert de Graaf]

Tim,

I get an error when i try the following command:
/sbin/insmod /lib/modules/uname -r/ipv4/ip_masq_pptp.o
(insmod: a module named ip_masq_pptp already exists)

What is wrong? Should i replace uname by a username?
Please tell me step by step how to autoload the masq-pptp module.

Robert

[Charlie Brady]

Robert de Graaf wrote:

> I get an error when i try the following command:
> /sbin/insmod /lib/modules/uname -r/ipv4/ip_masq_pptp.o
> (insmod: a module named ip_masq_pptp already exists)
>
> What is wrong?

It's telling you that the module is already loaded.

> Should i replace uname by a username?
> Please tell me step by step how to autoload the masq-pptp
> module.

It's already loaded. However it's my understanding that the RedHat provided module doesn't work, which is why e-smith removed PPTP masquerade support from the list of features for version 4.1.

We'll try to come up with a fix, when we have some time to look at it.

Charlie

[Joost]

It seems to work if you install the latest kernel from Redhat 2.2.17-14.
It's been told in this forum that that kernel might break a couple of things (probably pptpd?)

What seems to be the case is that there are a lot less modules present in the modules directory of the 2.2.17-14 directory than the e-smith supplied one. I would like to compile the 2.2.17-14 kernel exactly like the e-smith supplied kernel to be able to get pptp masquerading support AND ICQ masquerading etc.

Does anyone have a kernel config file for the default e-smith kernel so that I can compile the later version with more or less the same parameters?

TIA,
Joost

PS: If you decide to install the upgraded kernel and you have scsi harrware, don't forget to run mkinitrd before you try it

[Tim Litwiller]

If I understand correctly, e-smith doesn't do anything to the redhat supplied kernel.  [Charlie if I am wrong correct me.]

So at your own risk you should be able to grab a redhat kernel and put it in and barring breaking some of the other configurations the kernel should work just fine.