Howtos / Articles

Connect to a PPTP VPN Server from Ubuntu Linux

This howto outlines how to connect to a PPTP VPN server from a Linux computer running Ubuntu (or a Ubuntu based distribution). It covers the installing of the PPTP VPN client, configuration, and connecting/disconnecting from the VPN connection.

Installing the PPTP client for Linux on Ubuntu

The PPTP VPN client package is packaged under the name “pptp-linux” in the Ubuntu repositories. You can install it using the following command:

$ sudo apt-get -y install pptp-linux

Configuring the PPTP VPN connection

Start by editing the chap-secrets file, which will contain the username and password to use for the new connection.

$ sudo nano /etc/ppp/chap-secrets

This is what a blank, default chap-secrets file looks like:

# Secrets for authentication using CHAP
# client        server  secret                  IP addresses

Add in the username and password, along with a name to identify that this will be used for the PPTP VPN connection. In this howto I am using the name “workvpn”.

The format should be:

<username> <server_name> <password> <ip_address>

You can space out the sections if you want them to line up with the headings at the top of the file. A * character can be used for the IP address if you are assigned a IP address from the server.

Example chap-secrets file with the details entered:

# Secrets for authentication using CHAP
# client        server  secret                  IP addresses
vpnuser         workvpn password123             *

Save and exit the chap-secrets file.

Create a new ppp peers file for the new vpn connection. To make life easy, name it the same as the “server” section in the chap-secrets.

$ sudo nano /etc/ppp/peers/workvpn

Paste in the following lines, and modify to suit:

pty "pptp vpn.server.hostname.here.com --nolaunchpppd"
name vpnuser
remotename workvpn
require-mppe-128
file /etc/ppp/options.pptp
ipparam workvpn

Modify the VPN server address from “vpn.server.hostname.here.com” to either the IP address, or DNS hostname of the destination PPTP VPN server.

Modify the “name” parameter to use the username you set up in the chap-secrets file earlier.

The “remotename” parameter must match the “server” name in the chap-secrets file. The ipparam parameter is used for the route script later on. Keep it the same as the “remotename”  parameter to make things easier to manage and remember.

Save the file and exit the editor.

Create a route script that will get run after the PPP connection establishes.

$ sudo nano /etc/ppp/ip-up.d/99vpnroute

This script will get run whenever any PPP connection is established, so using the below script, we specify that the route is only added if the PPP connection that gets established is for “workvpn”.

#!/bin/bash

if [ "$PPP_IPPARAM" == "workvpn" ]; then
        route add -net 192.168.20.0/24 dev $PPP_IFACE
fi

Replace 192.168.20.0/24 with the network mask of the remote network you are connecting into. Make sure that your local LAN and the remote LAN aren’t on the same network range, or you may get connectivity issues.

If you need need to route more networks over the VPN connection, simply add another route line directly underneath the existing route line.

Save the file and exit the editor.

Make the vpn route script executable:

$ sudo chmod +x /etc/ppp/ip-up.d/99vpnroute

The configuration of the PPTP VPN connection is now complete.

Connecting to the PPTP VPN Server

To connect to the remote PPTP VPN server, issue the following command:

$ sudo pon workvpn

or

$ sudo pppd call workvpn

Where “workvpn” is the name used previously to identify the VPN connection.

To confirm that the connection is up, run ‘ifconfig’ to ensure a ppp interface gets created, and assigned an IP address.

If its all working so far, use ‘route -n’ to make sure the routes have been configured.

If the ppp connection doesn’t get established, check the /var/log/messages log file for errors:

$ sudo tail -n 50 /var/log/messages

Disconnecting from the PPTP VPN Server

The simplest way to disconnect from the PPP connection is to use the following command:

$ sudo poff workvpn

To kill all active PPP connections, you can use the following:

$ sudo killall pppd

or, to explicitly disconnect just one PPP session, assuming you know the PPP device name you want to disconnect, you can run the following command:

$ sudo kill `cat /var/run/ppp0.pid`

Replace ppp0 with the device name you wish to disconnect



Share this howto article!
  • Facebook
  • Twitter
  • Reddit
  • email

Leave a Reply

  

  

  

You can use these HTML tags

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>