sdf_s_vpn_servers

Differences

This shows you the differences between two versions of the page.

sdf_s_vpn_servers [2021/03/20 19:40] – [Connecting in Linux] hc9
sdf_s_vpn_servers [2021/03/21 00:29] (current) – [Connecting in FreeBSD] hc9
Line 78: Line 78:
 <code> <code>
  
-root@OpenWrt:~# opkg install openvpn+  root@OpenWrt:~# opkg install openvpn
  
 </code> </code>
Line 177: Line 177:
 ip route del $SDFVPNHOST via $VIA dev $DEV table sdftun ip route del $SDFVPNHOST via $VIA dev $DEV table sdftun
 </code> </code>
- +  * This automatically detects the default gateway and adds appropriate routes, starts the VPN and deletes the routes after VPN has been stopped. If you do not use a custom routing table dedicated to the SDF VPN you should delete the lines ending in "table sdftun".
-This automatically detects the default gateway and adds appropriate routes, starts the VPN and deletes the routes after VPN has been stopped. If you do not use a custom routing table dedicated to the SDF VPN you should delete the lines ending in "table sdftun".+
  
 ==== GUI Setup With NetworkManager ==== ==== GUI Setup With NetworkManager ====
Line 198: Line 197:
 {{ :sdf_s_vpn_servers:vpn4.png?nolink |}} {{ :sdf_s_vpn_servers:vpn4.png?nolink |}}
  
-Click on the **Add** button, and choose **Point-to-Point Tunneling Protocol (PPTP)**, then click **Create**. Fill out the **User name**, **Password** and **Gateway** fields with appropriate values ([[#setup|from when you ran //setvpn//]]):+Click on the **Add** button, and choose **Point-to-Point Tunneling Protocol (PPTP)**, then click **Create**. Fill out the **User name**, **Password** and **Gateway** fields with appropriate values ([[#setting_it_up|from when you ran setvpn]]):
  
 {{ :sdf_s_vpn_servers:vpn2.png?nolink |}} {{ :sdf_s_vpn_servers:vpn2.png?nolink |}}
Line 224: Line 223:
 For this setup you'll need to install the following kernel module packages: //kmod-pptp//, //kmod-mppe//. For this setup you'll need to install the following kernel module packages: //kmod-pptp//, //kmod-mppe//.
  
-|**1**|Login to your OpenWRT device via SSH.| +  - Login to your OpenWRT device via SSH. 
-|**2**|Install the required kernel modules and plugins: //opkg install kmod-pptp kmod-mppe ppp-mod-pptp//| +  Install the required kernel modules and plugins: //opkg install kmod-pptp kmod-mppe ppp-mod-pptp// 
-|**3**|Open ///etc/config/network// with the editor of your choice. Example: //vi /etc/config/network//. Add the following lines to the end of the file: (change USERNAME to your SDF Username, and the values PASSWORD and SDF.VPN.IP.ADDRESS to thoes set in the //setvpn// command.+  Open ///etc/config/network// with the editor of your choice. Example: //vi /etc/config/network//. Add the following lines to the end of the file: (change USERNAME to your SDF Username, and the values PASSWORD and SDF.VPN.IP.ADDRESS to thoes set in the //setvpn// command. <code>
- +
-<code> +
   #### VPN configuration   #### VPN configuration
   config 'interface' 'vpn'   config 'interface' 'vpn'
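Review bot: The rewritten step 3 line still carries the typo "thoes" and opens a parenthesis at "(change USERNAME to your SDF Username, ..." that is never closed before the <code> tag. Both are worth fixing while the line is being touched, for example by ending the sentence with "to those set in the //setvpn// command):". Since this step has the reader write PASSWORD into /etc/config/network, a short reminder to keep that file readable by root only would also fit here.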
Line 239: Line 235:
   option 'buffering'      '1'   option 'buffering'      '1'
   option 'defaultroute'   '0'   option 'defaultroute'   '0'
- 
 </code> </code>
- +  - Open ///etc/ppp/options.pptp// with the editor of your choice. Example: //vi /etc/ppp/options.pptp//. Add the following lines to the end of the file (the //plugin// may need to be changed to match your system): <code>
-|**4**|Open ///etc/ppp/options.pptp// with the editor of your choice. Example: //vi /etc/ppp/options.pptp//. Add the following lines to the end of the file (the //plugin// may need to be changed to match your system):+
- +
-<code> +
   noipdefault   noipdefault
   nodefaultroute   nodefaultroute
Line 261: Line 252:
   deflate 9,15   deflate 9,15
   idle 0   idle 0
- 
 </code> </code>
- +  - Restart networking to connect to the VPN: ///etc/init.d/networking restart//
-|**5**|Restart networking to connect to the VPN: ///etc/init.d/networking restart//.| +  If everything worked correctly, the //ifconfig// command should display a new interface named //pptp-vpn// looking something like this: <code>
-|**6**|If everything worked correctly, the //ifconfig// command should display a new interface named //pptp-vpn// looking something like this:+
- +
-<code> +
   pptp-vpn  Link encap:Point-to-Point Protocol   pptp-vpn  Link encap:Point-to-Point Protocol
           inet addr:192.94.73.44  P-t-P:192.94.73.25  Mask:255.255.255.255           inet addr:192.94.73.44  P-t-P:192.94.73.25  Mask:255.255.255.255
Line 276: Line 262:
           collisions:0 txqueuelen:3           collisions:0 txqueuelen:3
           RX bytes:1159 (1.1 KiB)  TX bytes:128 (128.0 B)           RX bytes:1159 (1.1 KiB)  TX bytes:128 (128.0 B)
- 
 </code> </code>
- +  - Routing can be set up like any Linux OS, so follow the routing instructions found above: [[#connecting_in_linux|Linux]].
-|**7**|Routing can be set up like any Linux OS, so follow the routing instructions found above: [[#linux|Linux]].|+
  
 ==== PPTP Userspace Utility ==== ==== PPTP Userspace Utility ====
Line 285: Line 269:
   - Login to your OpenWRT device via SSH.   - Login to your OpenWRT device via SSH.
   - Install the required userspace tools and module for MPPE: //opkg install pptp kmod-mppe//   - Install the required userspace tools and module for MPPE: //opkg install pptp kmod-mppe//
-  - Follow the [[#linux|Linux]] directions above like normal.+  - Follow the [[#connecting_in_linux|Linux]] directions above like normal.
   - If you are still having trouble, look over the official OpenWRT documentation found here: http://wiki.openwrt.org/doc/howto/vpn.client.pptp   - If you are still having trouble, look over the official OpenWRT documentation found here: http://wiki.openwrt.org/doc/howto/vpn.client.pptp
  
 ===== Connecting in FreeBSD ===== ===== Connecting in FreeBSD =====
  
-  * Install mpd4 from ports or packages. +  * Install ''mpd4'' from ports or packages. 
-  * Add the following section to your /usr/local/etc/mpd4/mpd4.conf: +  * Add the following section to your ''/usr/local/etc/mpd4/mpd4.conf'': <code>
- +
-<code> +
   sdfvpn:   sdfvpn:
           new -i ng1 sdfvpn sdfvpn           new -i ng1 sdfvpn sdfvpn
Line 326: Line 307:
           set ccp yes mpp-stateless           set ccp yes mpp-stateless
           open           open
- 
 </code> </code>
- 
   * You will have to replace three (3) things in this config:   * You will have to replace three (3) things in this config:
     - Your USERNAME     - Your USERNAME
     - Your PASSWORD     - Your PASSWORD
-    - The local address of SDF's VPN host. This can be found in /etc/hosts on SDF. The local IP will start with 10.0.0, but have the same last octet as the public IP. +    - The local address of SDF's VPN host. This can be found in ''/etc/hosts'' on SDF. The local IP will start with 10.0.0, but have the same last octet as the public IP.
- +
-  * Add this in your /usr/local/etc/mpd4/mpd4.links file: +
- +
-<code>+
  
 +  * Add this in your ''/usr/local/etc/mpd4/mpd4.links'' file: <code>
   sdfvpn:   sdfvpn:
           set link type pptp           set link type pptp
Line 343: Line 319:
           set pptp enable originate outcall           set pptp enable originate outcall
           set pptp disable incoming           set pptp disable incoming
- 
 </code> </code>
- 
   * You will have to replace one (1) thing in this config:   * You will have to replace one (1) thing in this config:
-    - The public address of SDF's VPN host. You can get this by running setvpn at the shell. +    - The public address of SDF's VPN host. You can get this by running ''setvpn'' at the shell. 
-  * Now, as root, run mpd4 sdfvpn.+  * Now, as root, run ''mpd4 sdfvpn''.
   * You should now be connected to SDF over a layer 3 tunnel across the Internet.   * You should now be connected to SDF over a layer 3 tunnel across the Internet.
   * Your new routes are only for SDF's hosts, and use their internal IP addresses. These are the 10.0.0.x ones. I'm working on how to route to the public ones over the VPN without creating a routing loop to the VPN host. I copied SDF's /etc/hosts file to my machine so that I can run 'ssh sdf1' to connect through the tunnel.   * Your new routes are only for SDF's hosts, and use their internal IP addresses. These are the 10.0.0.x ones. I'm working on how to route to the public ones over the VPN without creating a routing loop to the VPN host. I copied SDF's /etc/hosts file to my machine so that I can run 'ssh sdf1' to connect through the tunnel.
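Review bot: Formatting is applied unevenly in this section: the added lines wrap ''setvpn'' and ''mpd4 sdfvpn'' in monospace, and the previous hunk does the same for ''/etc/hosts'', but the unchanged last bullet still has "/etc/hosts" and 'ssh sdf1' as plain text. Wrapping those two in '' as well would finish the cleanup this revision starts.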
Line 389: Line 363:
 [[http://www.sparklabs.com/viscosity/|Viscosity]] is an OpenVPN client for Mac and Windows [[http://www.sparklabs.com/viscosity/|Viscosity]] is an OpenVPN client for Mac and Windows
  
-|**1**|Open Viscosity's preferences window.| +  - Open Viscosity's preferences window. 
-|**2**|Create a new connection+  Create a new connection 
- +    {{:sdf_s_vpn_servers:viscosity1.png?nolink&500|}} 
-{{:sdf_s_vpn_servers:viscosity1.png?nolink&500|}} +  In the New Connection window, 
- +    Give your connection a name 
-|**3**|In the New Connection window,| +    Enter the server IP you received via e-mail under **Remote Server** 
- +    Make sure protocol is set to **tap** not **tun** 
-  * Give your connection a name +    Uncheck **Enable DHCP**. 
-  Enter the server IP you received via e-mail under **Remote Server** +    {{:sdf_s_vpn_servers:viscosity2.png?nolink&500|}} 
-  Make sure protocol is set to **tap** not **tun** +  Move on to the Authentication tab| 
-  Uncheck **Enable DHCP**. +    You will need to copy the certificates and keys you received in e-mail to a //SECURE// location on your //local// disk. 
- +    Select the appropriate certificate or key for each of the three SLL file locations 
-{{:sdf_s_vpn_servers:viscosity2.png?nolink&500|}} +    {{:sdf_s_vpn_servers:viscosity4.png?nolink&500|}} 
- +  Now move to the Options tab 
-|**4**|Move on to the Authentication tab| +  Set LZO Compression to **On** or **On (Adaptive)** 
- +    {{:sdf_s_vpn_servers:viscosity5.png?nolink&500|}}
-  * You will need to copy the certificates and keys you received in e-mail to a //SECURE// location on your //local// disk. +
-  Select the appropriate certificate or key for each of the three SLL file locations +
- +
-{{:sdf_s_vpn_servers:viscosity4.png?nolink&500|}} +
- +
-|**5**|Now move to the Options tab| +
-|**6**|Set LZO Compression to **On** or **On (Adaptive)**+
- +
-{{:sdf_s_vpn_servers:viscosity5.png?nolink&500|}}+
  
 That's it! Hit Save, and you're ready to roll securely through the SDF VPN. That's it! Hit Save, and you're ready to roll securely through the SDF VPN.
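Review bot: The table-to-list conversion leaves a stray cell delimiter on the added line "Move on to the Authentication tab|", which will render as a literal pipe now that the row is a list item; drop the trailing "|". The added line "Select the appropriate certificate or key for each of the three SLL file locations" also carries the old typo over, and should read "SSL".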
sdf_s_vpn_servers.1616269204.txt.gz · Last modified: 2021/03/20 19:40 by hc9