PoPToP on linux-2.4.18

What you need:
  • pptpd-1.0.1.tar.gz is the poptop pptp server.
  • ppp-2.4.1.tar.gz is the pppd source you will have to patch.
  • SSLeay is not needed for the pppd 2.4.1 patches because the rc4 implementation is in the mppe kernel module, ignore the filenames.
  • ppp-2.4.1-openssl-0.9.6-mppe-patch.gz adds the mppe support into pppd.
  • ppp-2.4.1-MSCHAPv2-fix.patch.gz fixes a MSCHAPv2 issue.
  • linux-2.4.16-openssl-0.9.6b-mppe.patch.gz is the linux kernel patch you will need, I patched this against 2.4.18 and it works beautifully. Ignore the name, you no longer need any rc4 files out of the openssl source. Instructions:

    Unpack ppp source
    tar zxvf ppp-2.4.1.tar.gz

    Uncompress patches
    gunzip ppp-2.4.1-openssl-0.9.6-mppe-patch.gz
    gunzip ppp-2.4.1-MSCHAPv2-fix.patch.gz

    Patch ppp source
    patch -p0 < ppp-2.4.1-openssl-0.9.6-mppe-patch
    patch -p0 < ppp-2.4.1-MSCHAPv2-fix.patch

    Build ppp
    cd ppp-2.4.1
    ./configure
    make
    make install

    Patch linux kernel
    -Make sure ppp_deflate and bsd_comp are either compiled into your kernel or compiled as modules.

    guznip linux-2.4.16-openssl-0.9.6b-mppe.patch.gz
    cp linux-2.4.16-openssl-0.9.6b-mppe.patch /usr/src/linux
    cd /usr/src/linux
    patch -p1 < linux-2.4.16-openssl-0.9.6b-mppe.patch
    make modules SUBDIRS=drivers/net
    make modules_install

    -now might be a good time to reboot

    Insmod modules
    modprobe slhc
    modprobe ppp_generic
    modprobe bsd_comp
    modprobe ppp_deflate
    modprobe ppp_mppe

    Compile poptop
    tar zxvf pptpd-1.0.1.tar.gz
    cd pptpd-1.0.1
    ./configure
    make
    make install

    Setup ppp
    cd /etc/ppp
    touch ppp.conf

    options should look something like:
    lock
    auth
    +chap
    +chapms
    +chapms-v2
    mppe-40
    mppe-128
    mppe-stateless

    chap-secrets should look like:
    username * password *

    /etc/ppptpd.conf should look like:
    speed 115200
    localip 10.0.1.200-210
    remoteip 10.0.2.200-210

    Start pptpd
    /usr/local/sbin/pptpd

    Log files
    Look in /var/log/messages /var/log/syslog and /var/log/debug for error messages, if you want to increase verbosity you can add debug into /etc/ppp/options and /etc/pptpd.conf.

    Windows setup
    I tested this on Windows ME, Windows 2000, and Windows XP. ME and 2k connected at 40 bit encryption, but that should be able to go up to 128 with encryption patches (I know 2k has one, not sure about ME). Windows XP connected at 128 bit encryption.
    I will post screenshots of all the settings, but it is really easy to get it to connect.

    One important thing to note is the "Use remote connections default gateway". If you use this, it will add the ppp server's ip as your default route. If you do not use this it will add a route entry for the class C you are assigned to (remoteip in pptpd.conf) and use your tunnel endpoint as the gateway, and traffic to anywhere on that class c goes through the tunnel. This is important if you have say a broadband connection and you want to be able to use the internet while being connected to your vpn.

    any questions/comments email spoonm at hotmail.com