sdf_s_vpn_servers
Differences
This shows you the differences between two versions of the page.
sdf_s_vpn_servers [2021/03/20 19:39] – [Connecting in Linux] hc9 | sdf_s_vpn_servers [2021/03/21 00:23] – [Connecting in FreeBSD] hc9 | ||
---|---|---|---|
Line 78: | Line 78: | ||
< | < | ||
- | root@OpenWrt: | + | |
</ | </ | ||
Line 166: | Line 166: | ||
- Open another terminal. Enter ' | - Open another terminal. Enter ' | ||
- Alternatively to steps 5 and 6, you might use a wrapper script like this: < | - Alternatively to steps 5 and 6, you might use a wrapper script like this: < | ||
- | | + | #!/bin/bash |
SDFVPNHOST=**// | SDFVPNHOST=**// | ||
RT=`ip route get $SDFVPNHOST | head -1` | RT=`ip route get $SDFVPNHOST | head -1` | ||
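Review bot: The `RT=` line of the wrapper script still uses backticks and an unquoted `$SDFVPNHOST`, and nothing visible here checks that `ip route get` returned anything before the rest of the script relies on it. With the `#!/bin/bash` line now added, prefer `RT=$(ip route get "$SDFVPNHOST" | head -1)` and stop with an error message when `$RT` is empty, so a mistyped host or a link that is down does not lead to malformed `ip route` commands further down.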
Line 177: | Line 177: | ||
ip route del $SDFVPNHOST via $VIA dev $DEV table sdftun | ip route del $SDFVPNHOST via $VIA dev $DEV table sdftun | ||
</ | </ | ||
- | + | * This automatically detects the default gateway and adds appropriate routes, starts the VPN and deletes the routes after VPN has been stopped. If you do not use a custom routing table dedicated to the SDF VPN you should delete the lines ending in "table sdftun" | |
- | This automatically detects the default gateway and adds appropriate routes, starts the VPN and deletes the routes after VPN has been stopped. If you do not use a custom routing table dedicated to the SDF VPN you should delete the lines ending in "table sdftun" | + | |
==== GUI Setup With NetworkManager ==== | ==== GUI Setup With NetworkManager ==== | ||
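Review bot: The `ip route del $SDFVPNHOST via $VIA dev $DEV table sdftun` cleanup sits at the end of the script, so a run that ends before reaching that line (terminal closed, script killed) leaves the host route in place, while the new bullet tells readers the routes are deleted after the VPN has been stopped. Either register the deletions with a bash `trap` on `EXIT` near the top of the script, or have the bullet say that the routes must be removed by hand if the wrapper is terminated early. The variables in the `ip route del` line should also be quoted.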
Line 198: | Line 197: | ||
{{ : | {{ : | ||
- | Click on the **Add** button, and choose **Point-to-Point Tunneling Protocol (PPTP)**, then click **Create**. Fill out the **User name**, **Password** and **Gateway** fields with appropriate values ([[#setup|from when you ran //setvpn//]]): | + | Click on the **Add** button, and choose **Point-to-Point Tunneling Protocol (PPTP)**, then click **Create**. Fill out the **User name**, **Password** and **Gateway** fields with appropriate values ([[#setting_it_up|from when you ran setvpn]]): |
{{ : | {{ : | ||
Line 224: | Line 223: | ||
For this setup you'll need to install the following kernel module packages: // | For this setup you'll need to install the following kernel module packages: // | ||
- | |**1**|Login to your OpenWRT device via SSH.| | + | - Login to your OpenWRT device via SSH. |
- | |**2**|Install the required kernel modules and plugins: //opkg install kmod-pptp kmod-mppe ppp-mod-pptp// | + | |
- | |**3**|Open /// | + | |
- | + | ||
- | < | + | |
#### VPN configuration | #### VPN configuration | ||
config ' | config ' | ||
Line 239: | Line 235: | ||
option ' | option ' | ||
option ' | option ' | ||
- | |||
</ | </ | ||
- | + | - Open /// | |
- | |**4**|Open /// | + | |
- | + | ||
- | < | + | |
noipdefault | noipdefault | ||
nodefaultroute | nodefaultroute | ||
Line 261: | Line 252: | ||
deflate 9,15 | deflate 9,15 | ||
idle 0 | idle 0 | ||
- | |||
</ | </ | ||
- | + | - Restart networking to connect to the VPN: /// | |
- | |**5**|Restart networking to connect to the VPN: /// | + | |
- | |**6**|If everything worked correctly, the // | + | |
- | + | ||
- | < | + | |
pptp-vpn | pptp-vpn | ||
inet addr: | inet addr: | ||
Line 276: | Line 262: | ||
collisions: | collisions: | ||
RX bytes:1159 (1.1 KiB) TX bytes:128 (128.0 B) | RX bytes:1159 (1.1 KiB) TX bytes:128 (128.0 B) | ||
- | |||
</ | </ | ||
- | + | - Routing can be set up like any Linux OS, so follow the routing instructions found above: [[#connecting_in_linux|Linux]]. | |
- | |**7**|Routing can be set up like any Linux OS, so follow the routing instructions found above: [[#linux|Linux]].| | + | |
==== PPTP Userspace Utility ==== | ==== PPTP Userspace Utility ==== | ||
Line 285: | Line 269: | ||
- Login to your OpenWRT device via SSH. | - Login to your OpenWRT device via SSH. | ||
- Install the required userspace tools and module for MPPE: //opkg install pptp kmod-mppe// | - Install the required userspace tools and module for MPPE: //opkg install pptp kmod-mppe// | ||
- | - Follow the [[#linux|Linux]] directions above like normal. | + | - Follow the [[#connecting_in_linux|Linux]] directions above like normal. |
- If you are still having trouble, look over the official OpenWRT documentation found here: http:// | - If you are still having trouble, look over the official OpenWRT documentation found here: http:// | ||
===== Connecting in FreeBSD ===== | ===== Connecting in FreeBSD ===== | ||
- | * Install mpd4 from ports or packages. | + | * Install |
- | * Add the following section to your / | + | * Add the following section to your '' |
- | + | ||
- | < | + | |
sdfvpn: | sdfvpn: | ||
new -i ng1 sdfvpn sdfvpn | new -i ng1 sdfvpn sdfvpn | ||
Line 326: | Line 307: | ||
set ccp yes mpp-stateless | set ccp yes mpp-stateless | ||
open | open | ||
- | |||
</ | </ | ||
- | |||
* You will have to replace three (3) things in this config: | * You will have to replace three (3) things in this config: | ||
- Your USERNAME | - Your USERNAME | ||
Line 334: | Line 313: | ||
- The local address of SDF's VPN host. This can be found in /etc/hosts on SDF. The local IP will start with 10.0.0, but have the same last octet as the public IP. | - The local address of SDF's VPN host. This can be found in /etc/hosts on SDF. The local IP will start with 10.0.0, but have the same last octet as the public IP. | ||
- | * Add this in your / | + | * Add this in your / |
- | + | ||
- | < | + | |
sdfvpn: | sdfvpn: | ||
set link type pptp | set link type pptp | ||
Line 343: | Line 319: | ||
set pptp enable originate outcall | set pptp enable originate outcall | ||
set pptp disable incoming | set pptp disable incoming | ||
- | |||
</ | </ | ||
- | |||
* You will have to replace one (1) thing in this config: | * You will have to replace one (1) thing in this config: | ||
- | - The public address of SDF's VPN host. You can get this by running setvpn at the shell. | + | - The public address of SDF's VPN host. You can get this by running |
- | * Now, as root, run mpd4 sdfvpn. | + | * Now, as root, run '' |
* You should now be connected to SDF over a layer 3 tunnel across the Internet. | * You should now be connected to SDF over a layer 3 tunnel across the Internet. | ||
* Your new routes are only for SDF's hosts, and use their internal IP addresses. These are the 10.0.0.x ones. I'm working on how to route to the public ones over the VPN without creating a routing loop to the VPN host. I copied SDF's /etc/hosts file to my machine so that I can run 'ssh sdf1' to connect through the tunnel. | * Your new routes are only for SDF's hosts, and use their internal IP addresses. These are the 10.0.0.x ones. I'm working on how to route to the public ones over the VPN without creating a routing loop to the VPN host. I copied SDF's /etc/hosts file to my machine so that I can run 'ssh sdf1' to connect through the tunnel. | ||
Line 389: | Line 363: | ||
[[http:// | [[http:// | ||
- | |**1**|Open Viscosity' | + | - Open Viscosity' |
- | |**2**|Create a new connection| | + | |
- | + | | |
- | {{: | + | |
- | + | | |
- | |**3**|In the New Connection window,| | + | |
- | + | | |
- | * Give your connection a name | + | |
- | | + | |
- | | + | |
- | | + | |
- | + | | |
- | {{: | + | |
- | + | | |
- | |**4**|Move on to the Authentication tab| | + | |
- | + | | |
- | * You will need to copy the certificates and keys you received in e-mail to a //SECURE// location on your //local// disk. | + | |
- | | + | |
- | + | ||
- | {{: | + | |
- | + | ||
- | |**5**|Now move to the Options tab| | + | |
- | |**6**|Set LZO Compression to **On** or **On (Adaptive)**| | + | |
- | + | ||
- | {{: | + | |
That's it! Hit Save, and you're ready to roll securely through the SDF VPN. | That's it! Hit Save, and you're ready to roll securely through the SDF VPN. |
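Review bot: The removed step 4 of the Viscosity walkthrough carries the guidance on key handling ("copy the certificates and keys you received in e-mail to a //SECURE// location on your //local// disk"), and the added side visible in this hunk shows only the first list item ("Open Viscosity'"). Check that this sentence and the old step 6 (LZO Compression set to **On** or **On (Adaptive)**) are carried into the new ordered list, and that the screenshots that followed each table row still sit under the step they illustrate.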
sdf_s_vpn_servers.txt · Last modified: 2024/09/18 06:22 by hc9