Set up a Linux VPN server in 10 steps

Discussion in 'Linux' started by pradeep, Mar 22, 2007.

    This article lists the 10 steps you should take to set up a VPN server in a Red Hat distribution of Linux.

    I am assuming you are using Red Hat or a Red Hat-like distribution. Some of these packages can be grabbed via yum. However, I'm going to have you install them via RPM, as you cannot get all of them via yum. If you are not on such a distribution, you will need to get the proper packages: for Debian you can use apt-get or search for the .deb; for SUSE you can use YaST or find the distro-specific RPMs.

    1) Install the DKMS package



    rpm --install dkms-1.12-2.noarch.rpm

    http://prdownloads.sourceforge.net/poptop/dkms-1.12-2.noarch.rpm

    This is dynamic kernel module support. You need this to simplify setup and configuration at the kernel level. This will make almost everything transparent to the user during setup.

    2) Install the ppp kernel module



    rpm --install kernel_ppp_mppe-0.0.4-2dkms.noarch.rpm

    http://prdownloads.sourceforge.net/poptop/kernel_ppp_mppe-0.0.4-2dkms.noarch.rpm

    This is the Point-to-Point Protocol (PPP) support used to set up your "modem" or whatever your connection consists of. This is the portion for your kernel.

    3) Make sure ppp is working



    modprobe ppp-compress-18 && echo James Garvin has saved me from a life of Windows

    OK, so that is a bit of fun, but what does that command mean? The && runs the echo command only if the modprobe command succeeds. Modprobe adds the module to the Linux kernel, while echo simply writes whatever you say back to the terminal.

    4) Upgrade ppp



    rpm --upgrade ppp-2.4.3-0.cvs_20040527.4.fc2.i386.rpm

    http://prdownloads.sourceforge.net/poptop/ppp-2.4.3-0.cvs_20040527.4.fc2.i386.rpm

    This is the ppp for the user. The kernel module for ppp has been installed and this is for the user.

    5) Get the PPTP client



    rpm --install pptp-linux-1.5.0-1.i386.rpm

    http://prdownloads.sourceforge.net/pptpclient/pptp-linux-1.5.0-1.i386.rpm

    This is the "VPN Client," so to speak. This is the GUI client in which you can set up VPN connections and various options.

    6) Get php-pcntl



    rpm --install php-pcntl-4.3.8-1.i386.rpm

    http://prdownloads.sourceforge.net/pptpclient/php-pcntl-4.3.8-1.i386.rpm

    This is to help the GUI work.

    7) Get the php-gtk module



    rpm --install php-gtk-pcntl-1.0.0-2.i386.rpm

    http://prdownloads.sourceforge.net/pptpclient/php-gtk-pcntl-1.0.0-2.i386.rpm

    This file also helps make the GUI work.

    8) Get pptpconfig installed



    rpm --install pptpconfig-20040722-0.noarch.rpm

    http://prdownloads.sourceforge.net/pptpclient/pptpconfig-20040722-0.noarch.rpm

    This command installs the Point to Point Tunneling Protocol. This is so the VPN can actually create the tunnel from A to B. VPNs can use two protocols, L2TP and PPTP. L2TP is Layer 2 Tunneling Protocol and does just what it says. It works at Layer 2 in the OSI model, the Data Link Layer.

    9) Now at the command line type



    pptpconfig

    This command will pop up a spiffy GUI for you to use.

    10) Configure your connection



    In the Server Tab we need to configure some basics:

    |> Name: The name of the connection. You can call it anything you want
    |> Server: The server you are connecting to, either the IP or name of the server, e.g. 64.233.187.99 or google.com
    |> Domain: A domain, if any, that the VPN is connecting to
    |> Username: Your login username for the VPN or the intranet
    |> Password: The login password for the VPN or the intranet

    In the Routing Tab we need to make sure it is set up properly. Typically we need to send All to Tunnel. However, this can and will vary from VPN to VPN. Check with your local administrator on which radio button you need to choose.

    The DNS Tab is usually quite simple; it will be either automatic, or we will have to enter some basic DNS information and any options we may need to include.

    The Encryption Tab is a sticky point. We have a number of choices:

    |> Require Microsoft Point-to-Point Encryption
    |> Refuse 40-bit Encryption
    |> Refuse 128-bit Encryption
    |> Refuse Stateless Encryption
    |> Refuse to Authenticate with EAP

    You need to talk to your administrator and understand what your VPN requires. A typical setup will check the boxes Require Microsoft Point-to-Point Encryption (for MS VPNs), Refuse 40-bit Encryption, and Refuse Stateless Encryption. However, talk to your administrator to be sure.

    The Miscellaneous Tab is our final tab. We shouldn't have anything to do here. The default setup should work just fine in many cases.

    We now click the Add button and highlight our new connection and choose Start. We have now created a VPN connection to a remote host! Congratulations for using Linux and sticking with a slightly frustrating task.
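
The Encryption Tab choices in step 10 can be checked after the fact. The script below is an added example, not part of the original post or of pptpconfig: it assumes the connection ends up as standard pppd options in a peers file, and it audits only the MPPE choices (required, 40-bit, 128-bit). The sample files, host name and user name are constructed.

```shell
#!/bin/sh
# Added example: audit a pppd peers file for the Encryption tab choices.
# Assumption: the connection is stored as standard pppd options, one per line.

# has_opt FILE OPTION: true if OPTION is the first word of a non-comment line.
has_opt() {
    sed -e 's/#.*//' "$1" | awk -v o="$2" '$1 == o {found = 1} END {exit !found}'
}

# audit_peer FILE: prints findings (or OK); returns 1 if anything was flagged.
audit_peer() {
    f=$1
    if has_opt "$f" nomppe; then
        echo "FAIL: nomppe disables MPPE entirely"; return 1
    fi
    bad=0
    if ! { has_opt "$f" require-mppe || has_opt "$f" require-mppe-128 ||
           has_opt "$f" require-mppe-40; }; then
        echo "FAIL: MPPE is not required, the tunnel may come up unencrypted"; bad=1
    fi
    if has_opt "$f" require-mppe-40; then
        echo "FAIL: 40-bit MPPE is required"; bad=1
    elif ! { has_opt "$f" nomppe-40 || has_opt "$f" require-mppe-128; }; then
        echo "WARN: 40-bit MPPE is not refused"; bad=1
    fi
    if has_opt "$f" nomppe-128; then
        echo "FAIL: 128-bit MPPE is refused"; bad=1
    fi
    [ "$bad" -eq 0 ] && echo "OK"
    return "$bad"
}

# make_samples DIR: writes two constructed peers files (hypothetical host/user).
make_samples() {
    cat > "$1/typical" <<'EOF'
pty "pptp vpn.example.com --nolaunchpppd"
name alice
require-mppe     # Require Microsoft Point-to-Point Encryption
nomppe-40        # Refuse 40-bit Encryption
EOF
    cat > "$1/unchecked" <<'EOF'
pty "pptp vpn.example.com --nolaunchpppd"
name alice
EOF
}

demo_dir=$(mktemp -d)
make_samples "$demo_dir"
for p in typical unchecked; do
    echo "== $p"; audit_peer "$demo_dir/$p" || true
done
rm -rf "$demo_dir"
```

Run it against the real peers file by calling audit_peer with that path; the non-zero return makes it usable in a provisioning check.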
     
