In this post you can read how to configure a VPN client in Fedora Core 10. I tried to configure VPN client in NetworkManager, but there was no success. I turned off NetworkManager with chkconfig and uncheck Controlled by NetworkManager in system-config-network. In my case, VPN server is on Microsoft platform, so my domain must precede the user name.
- Install pptp RPM package
- Create script /etc/ppp/peers/my_vpn
- Add line to the /etc/ppp/chap-secrets
- Start VPN connection
- Add route to the ppp0 device
1. Install pptp RPM package
pptp establishes the client side of a Virtual Private Network (VPN) using the Point-to-Point Tunneling Protocol (PPTP). This is a small package – about 70KB.
yum install pptp
2. Create script /etc/ppp/peers/my_vpn
For a detailed explanation of the settings, please read “man pppd”.
# set the name of the local system for authentication purposes name <domain>\\<username> # set the assumed name of the remote system for authentication purposes remotename <server_name> # specifies that the command script is to be used to communicate pty "pptp <x1.y1.w1.z1> --nolaunchpppd" # require the use of MPPE, with 128-bit encryption require-mppe-128 # ask the peer for up to 2 DNS server addresses usepeerdns # options used by PPP when a connection is made by a PPTP client (provided by pptp package) file /etc/ppp/options.pptp
3. Add line to the /etc/ppp/chap-secrets
Replace all fields in < > with your settings. Client_name, server_name and IP address should be the same as name, remotename and pty IP address in my_vpn file.
# client_name server_name secret IP addresse <domain>\\<username> <server_name> <password> <x1.y1.w1.z1> # example DOM\\dbunic ms_vpn potato 126.96.36.199
4. Start VPN connection
In my case pon script did not have permission to execute, so I had to run chmod 755 before starting VPN connection. Pon script is provided by pptp RPM package.
# start VPN connection cd /etc/ppp/peers /usr/share/doc/ppp-2.4.4/scripts/pon my_vpn # stop VPN connection /usr/share/doc/ppp-2.4.4/scripts/poff
5. Add route to the ppp0 device
Now you should have eth0, lo and ppp0 devices listed with ifconfig and you are ready for routing traffic to the ppp0 device.
route add -net x2.y2.w2.0 netmask 255.255.255.0 dev ppp0
As you can see, it is not difficult to establish a VPN connection in Fedora Core 10. If something goes wrong, first look in the /var/log/messages. To disconnect from the VPN server, start poff script. poff script must have execute permission as well as pon script.
If you want to have only one script to start a VPN connection, please read Fedora VPN client and routing post. There you will find a few PHP lines and configuration of ip-up.local file.