Linux PPTP VPN Client 설정하기

Ubuntu 에서 VPN Client 설정해보았다.

필요 패키지

pptp ppp pptp-linux

패스워드 지정

vim /etc/ppp/chap-secrets

: ID / PW 지정

takakocap * 패스워드 *

clinet 설정파일 생성

vim /etc/ppp/peers/kenseivpn

pty "pptp 접속아이피 or 도메인 --nolaunchpppd" name VPNID  remotename PPTP file /etc/ppp/options.pptp ipparam kenseivpn

clinet 접속후 모든 트래픽이 VPN 서버를 통하지 않는다면  아래 스크립트를 삽입해보자

vim /etc/ppp/ip-up.d/route-traffic

#!/bin/bash NET="10.0.0.0/8" IFACE="ppp0" #IFACE=$1 route add -net ${NET} dev ${IFACE}

그냥 VPN 접속후 수동으로 아래 명령 날려줘도 될 듯 하다

ip route add 10.0.0.0/8 dev ppp0

실행권한 주기

chmod +x /etc/ppp/ip-up.d/route-traffic

pppd 접속하기

pppd call kenseivpn

error1) 

root@iwinvhelper-9214:/etc/ppp/peers# pppd call kenseivpn  pppd: The remote system (PPTP) is required to authenticate itself pppd: but I couldn't find any suitable secret (password) for it to use to do so.

resolve) /etc/ppp/options

auth --> #auth auth --> noauth

정상접속시 VPN 서버로 부터 아이피 할당받음

ppp0      Link encap:Point-to-Point Protocol             inet addr:10.0.0.2  P-t-P:VPN 아이피  Mask:255.255.255.255           UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1           RX packets:4054 errors:0 dropped:0 overruns:0 frame:0           TX packets:3765 errors:0 dropped:0 overruns:0 carrier:0           collisions:0 txqueuelen:3            RX bytes:3717232 (3.7 MB)  TX bytes:394976 (394.9 KB)

SYSLOG 접근 로그 

cat /var/log/syslog

Feb  2 14:17:53 choman-pc pppd[6005]: pppd 2.4.5 started by root, uid 0 Feb  2 14:17:53 choman-pc pppd[6005]: using channel 4 Feb  2 14:17:53 choman-pc pppd[6005]: Using interface ppp0 Feb  2 14:17:53 choman-pc pppd[6005]: Connect: ppp0 <--> /dev/pts/9 Feb  2 14:17:53 choman-pc NetworkManager[853]:    SCPlugin-Ifupdown: devices added (path: /sys/devices/virtual/net/ppp0, iface: ppp0) Feb  2 14:17:53 choman-pc NetworkManager[853]:    SCPlugin-Ifupdown: device added (path: /sys/devices/virtual/net/ppp0, iface: ppp0): no ifupdown configuration found. Feb  2 14:17:53 choman-pc NetworkManager[853]: <warn> /sys/devices/virtual/net/ppp0: couldn't determine device driver; ignoring... Feb  2 14:17:53 choman-pc pptp[6007]: anon log[main:pptp.c:314]: The synchronous pptp option is NOT activated Feb  2 14:17:53 choman-pc pptp[6018]: anon log[ctrlp_rep:pptp_ctrl.c:251]: Sent control packet type is 1 'Start-Control-Connection-Request' Feb  2 14:17:53 choman-pc pptp[6018]: anon log[ctrlp_disp:pptp_ctrl.c:739]: Received Start Control Connection Reply Feb  2 14:17:53 choman-pc pptp[6018]: anon log[ctrlp_disp:pptp_ctrl.c:773]: Client connection established. Feb  2 14:17:54 choman-pc pppd[6005]: sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x648106a9> <pcomp> <accomp>] Feb  2 14:17:54 choman-pc pptp[6018]: anon log[ctrlp_rep:pptp_ctrl.c:251]: Sent control packet type is 7 'Outgoing-Call-Request' Feb  2 14:17:54 choman-pc pptp[6018]: anon log[ctrlp_disp:pptp_ctrl.c:858]: Received Outgoing Call Reply. Feb  2 14:17:54 choman-pc pptp[6018]: anon log[ctrlp_disp:pptp_ctrl.c:897]: Outgoing call established (call ID 0, peer's call ID 2048). Feb  2 14:17:54 choman-pc pppd[6005]: rcvd [LCP ConfReq id=0x1 <asyncmap 0x0> <auth eap> <magic 0x88d8be48> <pcomp> <accomp>] Feb  2 14:17:54 choman-pc pppd[6005]: sent [LCP ConfNak id=0x1 <auth chap MS-v2>] Feb  2 14:17:54 choman-pc pppd[6005]: rcvd [LCP ConfAck id=0x1 <asyncmap 0x0> <magic 0x648106a9> <pcomp> <accomp>] Feb  2 14:17:54 choman-pc pppd[6005]: rcvd [LCP ConfReq id=0x2 <asyncmap 0x0> <auth chap MS-v2> <magic 0x88d8be48> <pcomp> <accomp>] Feb  2 14:17:54 choman-pc pppd[6005]: sent [LCP ConfAck id=0x2 <asyncmap 0x0> <auth chap MS-v2> <magic 0x88d8be48> <pcomp> <accomp>] Feb  2 14:17:54 choman-pc pppd[6005]: sent [LCP EchoReq id=0x0 magic=0x648106a9] Feb  2 14:17:54 choman-pc pppd[6005]: rcvd [CHAP Challenge id=0x22 <f00dcc6e484406f01258ebaa55bd543e>, name = "pptpd"] Feb  2 14:17:54 choman-pc pppd[6005]: sent [CHAP Response id=0x22 <aff2a25cdc30749014a0fbbe184240960000000000000000c658d48f2ec1ab87b7cbc859bfef12524a59e978f896ff8e00>, name = "takakocap"] Feb  2 14:17:54 choman-pc pppd[6005]: rcvd [LCP EchoRep id=0x0 magic=0x88d8be48] Feb  2 14:17:54 choman-pc pppd[6005]: rcvd [CHAP Success id=0x22 "S=CD7E49A23A2DE792E7A25D964BECABB56302C3E4 M=Access granted"] Feb  2 14:17:54 choman-pc pppd[6005]: CHAP authentication succeeded Feb  2 14:17:54 choman-pc pppd[6005]: sent [IPCP ConfReq id=0x1 <compress VJ 0f 01> <addr 0.0.0.0>] Feb  2 14:17:54 choman-pc pppd[6005]: rcvd [CCP ConfReq id=0x1 <deflate 15> <deflate(old#) 15>] Feb  2 14:17:54 choman-pc pppd[6005]: sent [CCP ConfReq id=0x1] Feb  2 14:17:54 choman-pc pppd[6005]: sent [CCP ConfRej id=0x1 <deflate 15> <deflate(old#) 15>] Feb  2 14:17:54 choman-pc pppd[6005]: rcvd [IPCP ConfReq id=0x1 <compress VJ 0f 01> <addr >] Feb  2 14:17:54 choman-pc pppd[6005]: sent [IPCP ConfAck id=0x1 <compress VJ 0f 01> <addr >] Feb  2 14:17:54 choman-pc pppd[6005]: rcvd [IPCP ConfNak id=0x1 <addr 10.0.0.2>] Feb  2 14:17:54 choman-pc pppd[6005]: sent [IPCP ConfReq id=0x2 <compress VJ 0f 01> <addr 10.0.0.2>] Feb  2 14:17:54 choman-pc pppd[6005]: rcvd [CCP ConfAck id=0x1] Feb  2 14:17:54 choman-pc pppd[6005]: rcvd [CCP ConfReq id=0x2] Feb  2 14:17:54 choman-pc pppd[6005]: sent [CCP ConfAck id=0x2] Feb  2 14:17:54 choman-pc pppd[6005]: rcvd [IPCP ConfAck id=0x2 <compress VJ 0f 01> <addr 10.0.0.2>] Feb  2 14:17:54 choman-pc pppd[6005]: local  IP address 10.0.0.2 Feb  2 14:17:54 choman-pc pppd[6005]: remote IP address VPN 아이피 Feb  2 14:17:54 choman-pc pppd[6005]: Script /etc/ppp/ip-up started (pid 6023) Feb  2 14:17:54 choman-pc kernel: [13103.920857] Loading kernel module for a network device with CAP_SYS_MODULE (deprecated).  Use CAP_NET_ADMIN and alias netdev- instead. Feb  2 14:17:54 choman-pc pppd[6005]: Script /etc/ppp/ip-up finished (pid 6023), status = 0x0

프로세스 종료

killall pppd kill {pppd-PID}

pptp 종료시 route 명령어를 통하여 ppp로 가는 라우팅이 잡혀 있으면 제거해야 한다

pptp 종료후 통신이 안될 수 있음

참고사이트

http://lib.linuxlab.co.kr/docs/linux-client.htm http://www.cyberciti.biz/tips/howto-configure-ubuntu-fedora-linux-pptp-client.html  http://pptpclient.sourceforge.net/howto-diagnosis.phtml#lcp_timeout