Jimmy's weblog

8/16/2004

VPN with pptpd

Filed under: — jimmy @ 9:43 pm

When installing pptpd on a debian machine you just need to install the packages kernel-patch-mppe, pptpd and ppp. The packages work well and the bug concerning the openssl license is also fixed. Unfortunately you don’t have all of the packages in debian stable :-(
You can install pptpd but you have to patch the kernel and compile ppp(ppp in stable doesn’t include mppe, which is needed for encryption). I had problems installing the kernel patch from source so I just installed the source of the package kernel-patch-mppe(from testing) and copied the patch to /usr/src/linux. Although the patch was tested for kernel 2.4.25 there have been no problems applying it to kernel 2.4.21, which is the latest kernel in stable.
These are the important options(under network device support):

<M> PPP support for async serial ports
<M> PPP support for sync tty ports
<M> PPP Deflate compression
<M> PPP BSD-Compress compression
<M> PPP MPPE compression (encryption)

Now I had to compile ppp. Lazy as I am I took the source of the debian package(from testing) and used the .orig.tar.gz. ./configure, make and make install.
I only had to change /etc/pptpd.config, /etc/ppp/chap-secrets and /etc/ppp/pptpd-options. There are a few wrong options in /etc/ppp/pptpd-options because their names changed. It’s easy to find out the new names by using the strings tool:

strings /usr/sbin/pppd |grep mppe
strings /usr/sbin/pppd |grep chap