Topic: VPN connection from Ubuntu client - SOLVED

[jumba]

I've searched and searched, but cannot find any article about how to set up a vpn connection from an Ubuntu client to a Smeserver.

Basically, I need to help someone using an Ubuntu 7.04 laptop to make VPN-access to his Smeserver...

If there is any related information somewhere, please point me towards it, or does anyone has any experience in this field to share?

[CharlieBrady]

I've searched and searched, but cannot find any article about how to set up a vpn connection from an Ubuntu client to a Smeserver.

http://pptpclient.sourceforge.net/

[jumba]

Thanks Charlie!

I'll go for a try with that after the summer vacation, - and report back here afterwards of course.

[damjan]

hi,

combination with OpenVPN :
http://sme.swerts-knudsen.dk/index.html?frame=http%3A//sme.swerts-knudsen.dk/howtos/howto_30.htm

and linux client:

http://kde-apps.org/content/show.php/kvpnc?content=12570

works very good.

br
Damjan

[Mjohnson]

On Ubuntu, sudo apt-get network-manager-pptp

After it is installed the network manager icon on the upper right offers a PPTP VPN option.  Works very well.

[jumba]

Thanks for your help. Now I'm able to establish a pptp connection as follows:

Code: [Select]

ppp0      Link encap:Point-to-Point Protocol  
          inet addr:192.168.0.71  P-t-P:192.168.0.109  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1412  Metric:1
          RX packets:6 errors:0 dropped:0 overruns:0 frame:0
          TX packets:13 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:3
          RX bytes:96 (96.0 b)  TX bytes:466 (466.0 b)
(seen in the Ubuntu client from the ifconfig command)

Code: [Select]

Jul 31 19:58:20 server pptpd[587]: CTRL: Client 213.64.16.194 control connection started
Jul 31 19:58:21 server pptpd[587]: CTRL: Starting call (launching pppd, opening GRE)
Jul 31 19:58:21 server pppd[588]: Plugin radius.so loaded.
Jul 31 19:58:21 server pppd[588]: RADIUS plugin initialized.
Jul 31 19:58:21 server pppd[588]: pppd 2.4.4 started by root, uid 0
Jul 31 19:58:21 server kernel: divert: not allocating divert_blk for non-ethernet device ppp0
Jul 31 19:58:21 server pppd[588]: Using interface ppp0
Jul 31 19:58:21 server pppd[588]: Connect: ppp0 <--> /dev/pts/2
Jul 31 19:58:25 server pppd[588]: MPPE 128-bit stateless compression enabled
Jul 31 19:58:25 server pppd[588]: found interface eth0 for proxy arp
Jul 31 19:58:25 server pppd[588]: local  IP address 192.168.0.109
Jul 31 19:58:25 server pppd[588]: remote IP address 192.168.0.80
Jul 31 19:58:26 server esmith::event[612]: Processing event: ip-up.pptpd ppp0 /dev/pts/2 460800 192.168.0.109 192.168.0.80 pptpd
Jul 31 19:58:26 server esmith::event[612]: Running event handler: /etc/e-smith/events/actions/generic_template_expand
Jul 31 19:58:26 server esmith::event[612]: expanding /etc/rc.d/init.d/masq  
Jul 31 19:58:27 server esmith::event[612]: generic_template_expand=action|Event|ip-up.pptpd|Action|generic_template_expand|Start|1185904706 165416|End|1185904707 786887|Elapsed|1.621471
Jul 31 19:58:27 server esmith::event[612]: Running event handler: /etc/e-smith/events/ip-up.pptpd/S70pptp-interface-access
Jul 31 19:58:28 server /etc/e-smith/events/ip-up.pptpd/S70pptp-interface-access[614]: /home/e-smith/db/configuration: OLD pptpd=service|Interfaces||TCPPort|1723|access|public|sessions|1|status|enabled
Jul 31 19:58:28 server /etc/e-smith/events/ip-up.pptpd/S70pptp-interface-access[614]: /home/e-smith/db/configuration: NEW pptpd=service|Interfaces|ppp0|TCPPort|1723|access|public|sessions|1|status|enabled
Jul 31 19:58:28 server esmith::event[612]: S70pptp-interface-access=action|Event|ip-up.pptpd|Action|S70pptp-interface-access|Start|1185904707 787798|End|1185904708 348183|Elapsed|0.560385
Jul 31 19:58:28 server esmith::event[612]: Running event handler: /etc/e-smith/events/actions/adjust-services
Jul 31 19:58:28 server esmith::event[612]: adjusting non-supervised masq (adjust)  
Jul 31 19:58:30 server esmith::event[612]: adjust-services=action|Event|ip-up.pptpd|Action|adjust-services|Start|1185904708 349394|End|1185904710 217094|Elapsed|1.8677
Jul 31 20:01:01 server pptpd[587]: CTRL: Reaping child PPP[588]
Jul 31 20:01:01 server pppd[588]: Modem hangup
Jul 31 20:01:01 server pppd[588]: Connect time 2.6 minutes.
Jul 31 20:01:01 server pppd[588]: Sent 0 bytes, received 1132 bytes.
Jul 31 20:01:01 server pppd[588]: MPPE disabled
Jul 31 20:01:01 server pppd[588]: Connection terminated.
Jul 31 20:01:01 server kernel: divert: no divert_blk to free, ppp0 not ethernet
Jul 31 20:01:03 server esmith::event[816]: Processing event: ip-down ppp0 /dev/pts/2 460800 192.168.0.109 192.168.0.80 pptpd
Jul 31 20:01:03 server esmith::event[816]: Running event handler: /etc/e-smith/events/actions/generic_template_expand
Jul 31 20:01:04 server esmith::event[816]: expanding /etc/rc.d/init.d/masq  
Jul 31 20:01:06 server esmith::event[816]: generic_template_expand=action|Event|ip-down|Action|generic_template_expand|Start|1185904863 262261|End|1185904866 451729|Elapsed|3.189468
Jul 31 20:01:06 server esmith::event[816]: Running event handler: /etc/e-smith/events/ip-down/S50isdn-down-notify
Jul 31 20:01:06 server pppd[588]: Exit.
(from messages log in Smeserver)

...but should I really get a net mask of 255.255.255.255???

I think that might be the reason for me being unable to access any other machine in the LAN (including the server itself), or am I missing out on something else?

Any assistance here would be greatly appreciated.

[jumba]

Hello all!

I just wanted to report that my problem has been solved:

I went over to a neighbor in order to test the VPN-connection, but stupid stupid me never recognized that his internal LAN happened to use exactly the same net as my own net...

So, when I tried to connect to my server at 192.168.0.5 from his network (192.168.0.1/24) of course the computer couldn't figure out that I wanted to visit something in MY lan....

Anyway, happy endings are always fun and educational    

[Mjohnson]

I was out on vacation and just now got home.  I was going to check the config setup of the VPN, but it sounds like you have it all going.

Nice to hear.

[CharlieBrady]

...but should I really get a net mask of 255.255.255.255???

Yes. A PPP link is a point to point link - you cannot broadcast on it. If you need to add extra routes over that link then you do that outside pppd itself - e.g. via an ip-up script.

[wr19026]

hi,

combination with OpenVPN :
http://sme.swerts-knudsen.dk/index.html?frame=http%3A//sme.swerts-knudsen.dk/howtos/howto_30.htm

and linux client:

http://kde-apps.org/content/show.php/kvpnc?content=12570

works very good.

br
Damjan

I am trying to get this to work and have all the required packages installed both on the SME Server as well as on my Ubuntu client (Kvpnc on Feisty) but just can 't get the connection to work.

I stored the 4 certificate and key files in /root/.kde/apps/share/kvpnc/ and changed the link to point to them but still no luck, keeps telling me that it's connecting. The Windows setup *seems* to work properly by the way.

Do I by any chance need to be outside of my own LAN to get it to work?

seems