Unpack ppp source
tar zxvf ppp-2.4.1.tar.gz
Uncompress patches
gunzip ppp-2.4.1-openssl-0.9.6-mppe-patch.gz
gunzip ppp-2.4.1-MSCHAPv2-fix.patch.gz
Patch ppp source
patch -p0 < ppp-2.4.1-openssl-0.9.6-mppe-patch
patch -p0 < ppp-2.4.1-MSCHAPv2-fix.patch
Build ppp
cd ppp-2.4.1
./configure
make
make install
Patch linux kernel
-Make sure ppp_deflate and bsd_comp are either compiled into your kernel or compiled as modules.
guznip linux-2.4.16-openssl-0.9.6b-mppe.patch.gz
cp linux-2.4.16-openssl-0.9.6b-mppe.patch /usr/src/linux
cd /usr/src/linux
patch -p1 < linux-2.4.16-openssl-0.9.6b-mppe.patch
make modules SUBDIRS=drivers/net
make modules_install
-now might be a good time to reboot
Insmod modules
modprobe slhc
modprobe ppp_generic
modprobe bsd_comp
modprobe ppp_deflate
modprobe ppp_mppe
Compile poptop
tar zxvf pptpd-1.0.1.tar.gz
cd pptpd-1.0.1
./configure
make
make install
Setup ppp
cd /etc/ppp
touch ppp.conf
options should look something like:
lock
auth
+chap
+chapms
+chapms-v2
mppe-40
mppe-128
mppe-stateless
chap-secrets should look like:
username * password *
/etc/ppptpd.conf should look like:
speed 115200
localip 10.0.1.200-210
remoteip 10.0.2.200-210
Start pptpd
/usr/local/sbin/pptpd
Log files
Look in /var/log/messages /var/log/syslog and /var/log/debug for error messages, if you want to increase verbosity you can add debug into /etc/ppp/options and /etc/pptpd.conf.
Windows setup
I tested this on Windows ME, Windows 2000, and Windows XP. ME and 2k connected at 40 bit encryption, but that should be able to go up to 128 with encryption patches (I know 2k has one, not sure about ME).
Windows XP connected at 128 bit encryption.
I will post screenshots of all the settings, but it is really easy to get it to connect.
One important thing to note is the "Use remote connections default gateway". If you use this, it will add the ppp server's ip as your default route. If you do not use this it will add a route entry for the class C you are assigned to (remoteip in pptpd.conf) and use your tunnel endpoint as the gateway, and traffic to anywhere on that class c goes through the tunnel. This is important if you have say a broadband connection and you want to be able to use the internet while being connected to your vpn.
any questions/comments email spoonm at hotmail.com