Configurazione di una connessione PPTP Lan2Lan in Debian
Jump to navigation
Jump to search
Installazione
sudo apt-get install pptp-linux
Configurazione
- Modificare le opzioni ppp
sudoedit /etc/ppp/options.pptp
###############################################################################
# $Id: options.pptp,v 1.1 2005/02/18 01:40:23 quozl Exp $
#
# Sample PPTP PPP options file /etc/ppp/options.pptp
# Options used by PPP when a connection is made by a PPTP client.
# This file can be referred to by an /etc/ppp/peers file for the tunnel.
# Changes are effective on the next connection. See "man pppd".
#
# You are expected to change this file to suit your system. As
# packaged, it requires PPP 2.4.2 or later from http://ppp.samba.org/
# and the kernel MPPE module available from the CVS repository also on
# http://ppp.samba.org/, which is packaged for DKMS as kernel_ppp_mppe.
###############################################################################
# Lock the port
lock
# Authentication
# We don't need the tunnel server to authenticate itself
noauth
# We won't do EAP, CHAP, or MSCHAP, but we will accept MSCHAP-V2
refuse-pap
refuse-eap
refuse-chap
refuse-mschap
# Compression
# Turn off compression protocols we know won't be used
nobsdcomp
nodeflate
# Encryption
# (There have been multiple versions of PPP with encryption support,
# choose with of the following sections you will use. Note that MPPE
# requires the use of MSCHAP-V2 during authentication)
# http://ppp.samba.org/ the PPP project version of PPP by Paul Mackarras
# ppp-2.4.2 or later with MPPE only, kernel module ppp_mppe.o
# {{{
# Require MPPE 128-bit encryption
#require-mppe-128
# }}}
# http://polbox.com/h/hs001/ fork from PPP project by Jan Dubiec
# ppp-2.4.2 or later with MPPE and MPPC, kernel module ppp_mppe_mppc.o
# {{{
# Require MPPE 128-bit encryption
#mppe required,stateless
# }}}
- Impostare username e password
sudoedit /etc/ppp/chap-secrets
# Secrets for authentication using CHAP # client server secret IP addresses myusername PPTP secretpassword *
- Impostare l'interfaccia virtuale, in modo che sia attivata in automatico al boot. Questa interfaccia non verà elencata in ifconfig, ma provvederà a lanciare la connessione pptp:
sudoedit /etc/network/interfaces
auto levelip
iface levelip inet ppp
provider levelip
- Creare lo script di support, che ad esempio imposta le route necessarie:
sudoedit /etc/ppp/ip-up.d/levelip
#!/bin/bash
if [ "${PPP_IPPARAM}" = "levelip" ]; then
/sbin/route add -net 1.2.3.0/24 dev ${IFNAME}
fi
- Renderlo eseguibile:
sudo chmod +x /etc/ppp/ip-up.d/levelip
- Creare il file di configurazione per la connessione pptp
sudoedit /etc/ppp/peers/levelip
pty "pptp 5.6.7.8 --nolaunchpppd" name myusername remotename PPTP require-mppe-128 file /etc/ppp/options.pptp ipparam levelip persist
- Provare la connessione in manuale:
sudo pon levelip
- Se tutto funziona, scollegarsi:
sudo poff levelip
- Attivarlo tramite l'interfaccia:
sudo ifup levelip
- Testare la disconnessione:
sudo ifdown levelip
- Riattivare l'interfaccia:
sudo ifup levelip