Thursday, January 06, 2011

PPTP VPN in FreeBSD

This post is based on article at
https://www.dan.me.uk/blog/2010/02/07/pptp-vpn-in-freebsd-for-windows-xpvista7-clients/

Here’s a simple guide to setting up a VPN server on FreeBSD so that Windows clients can connect using their built-in VPN clients…

First, make sure your ports collection is up-to-date, then build poptop in /usr/ports/net/poptop:

# cd /usr/ports/net/poptop/
# make
# make install

Next we need to create a config file for poptop… create the file /usr/local/etc/pptpd.conf as follows:

nobsdcomp
pidfile /var/run/pptpd.pid
+chapms-v2
mppe-40
mppe-128
mppe-stateless

Next we need to create a PPP configuration file called /etc/ppp/ppp.conf (overwrite the existing file) as follows (edit the IPs to suit your network requirements):

loop:
set timeout 0
set log phase chat connect lcp ipcp command
set device localhost:pptp
set dial
set login
# Server (local) IP address, Range for Clients, and Netmask
set ifaddr 192.168.31.254 192.168.31.120-192.168.31.128 255.255.255.255
set server /tmp/vpn-in-%d “” 0177

loop-in:
set timeout 0
set log phase lcp ipcp command
allow mode direct

pptp:
load loop
disable pap
disable passwdauth
disable ipv6cp
accept dns
enable MSChapV2
enable mppe
disable deflate pred1
deny deflate pred1
set device !/etc/ppp/secure

Every line above except those ending with a colon(:) should be indented or ppp.conf will not work.

Next we need to create a file called /etc/ppp/secure with the following contents:

#!/bin/sh
exec /usr/sbin/ppp -direct loop-in

And set it to be executable with chmod 0755 /etc/ppp/secure – this script will be run automatically during the VPN setup process.

Now we need to add a login for the VPN (you can have multiple username/passwords in this file) called /etc/ppp/ppp.secret like so:

user1 pass1
user2 pass2
user3 pass3

And finally set the VPN server to start on bootup automatically by adding the following into /etc/rc.conf:

pptpd_enable=”YES”

Now startup the VPN server by running:

/usr/local/etc/rc.d/pptpd start

Your VPN server is now ready on your FreeBSD server and you’re ready to configure your Windows clients to connect to it.
Posted by at
Labels: , , ,

1 comment:

Anonymous said...

https://www.dan.me.uk/blog/2010/02/07/pptp-vpn-in-freebsd-for-windows-xpvista7-clients/

11:57 AM

Post a Comment

Subscribe to: Post Comments (Atom)