[CentOS] VPN via PPTP and MPPE
Benjamin Smith
lists at benjamindsmith.com
Wed Nov 9 04:20:46 UTC 2005
I tried several times to get a VPN working - I tried
1) Tunneling IP over SSH fw.
2) IPSec
3) PPTP
All were painful, and often unreliable. (I'd do a kernel update, and suddenly
VPN would die a horrible death, and I'd have to recompile a bunch of stuff to
get it back up - ugh)
The best way, bar none, no exceptions, is using OpenVPN. Cross platform,
fairly quick setup, good security, highly reliable.
After a few hours of tinkering during setup, "it just works" and has done so
very reliably under rather demanding circumstances for over a year. Probably
the worst part was setting up the routing tables on either end, and that
seems to be a PITA regardless of your VPN solution...
The only downside I can find to OpenVPN is that it requires a process on the
GW for each connection, so this could get cumbersome if you have hundreds of
simultaneous connections. But, with my half-dozen connections, it works
fantastically!
Cheers!
-Ben
On Monday 31 October 2005 13:27, James B. Byrne wrote:
> I have set up a VPN over PPTP on a CentOS server using the
> DKMS module rpm dkms-0-2.0.6-3.el4 from
> http://centos.karan.org/el4/extras/stable/i386/RPMS/repodata/repoview/dkms-0-2.0.6-3.el4.kb.html
>
> and
>
> kernel_ppp_mppe-0.0.5-2dkms.noarch.rpm at
> http://pptpclient.sourceforge.net/howto-fedora-core-3.phtml.
>
> I have configured the pptpd server on Centos4 to use MS_CHAPv2,
> 128bit encryption and to assign server side and client IP addresses
> in the range a.b.c.42-48 and a.b.c.52-58 respectively.
>
> I have also opened the firewall for tcp port 1723 and the GRE
> protocol (47).
>
> I have configured a Microsoft Win2Kpro client and I can connect and
> establish a VPN. However I am missing something because:
>
> 1. If I try and connect to a machine on the local network segment
> then the VPN channel is not used (this is probably the correct
> behaviour but it is not what I want and I need to know how to force
> local network paths over an encrypted connection).
>
> 2. If I try and connect to a host outside our local network then
> the traffic is not routed out through the gateway but it does
> travel over the vpn to the local pptpd server.
>
> So, what am I missing in all of this? Are there options for the
> pptpd that I need to set for this to work?
>
> I have a similar problem when I connect from outside the local
> network segment. The vpn connects but then I cannot reach any
> other host.
>
> Any suggestions are welcome. I am a digest subscriber so if you
> could copy my email address on your reply then I would be
> appreciative.
>
> Regards,
> Jim
>
> --
> *** e-mail is not a secure channel ***
> mailto:byrnejb.<token>@harte-lyne.ca
> James B. Byrne Harte & Lyne Limited
> vox: +1 905 561 1241 9 Brockley Drive
> fax: +1 905 561 0757 Hamilton, Ontario
> <token> = hal Canada L8E 3C3
--
"The best way to predict the future is to invent it."
- XEROX PARC slogan, circa 1978