za da ne se 4udim Vsi4ki kak stava it.....
etogo go originalnia help
Installing and Running PPTP on Linux
Use the following steps to install and then run PPTP (the
point-to-point Tunnelling Protocol) on your Linux machine.
These instructions, unless otherwise documented, apply to
Linux on both Alpha and x86 architectures.
Requirements and restrictions
Updating the RedHat 6.2 distribution
Obtaining the PPTP RPMs and configuration file
Installing the files
Setting up PPTP
Starting PPTP
Stopping PPTP
Issuing PPTP commands from the shell prompt
Getting help and contacting us
Requirements and Restrictions
The requirements and restrictions can be separated into
those for the RPMs and those for the network connection
information you will need to set up the tunnelling on the
remote system.
RPM Requirements and Restrictions
The RPMs for PPTP support have been tested on RedHat 6.2
with the specified updates, and work as described on that
distribution.
The RPMs may work on other Linux distributions that employ a
comparable kernel -- but this has not been tested.
The RPMs do not currently work with the Linux 2.4 kernel.
However, stay tuned because work in this area is
progressing.....
Network Connection Information
You should know the following information about the network
into which you are connecting before you begin this
procedure. You can probably get this information from the
group that supports that network if you do not already know
it.
Default search domain
DNS server IP addresses
IP address of the PPTP server (which supports stateless
mode)
Routes to hosts beyond the PPTP server
Back to top
Obtain and Install the Necessary Updates to the RedHat 6.2
Distribution
Significant corrections were made to various modules in the
6.2 distribution that apply to PPTP, such that you should
download and install all available update RPMs, as follows:
On your machine, cd to some temporary directory (for
example, tempdir) that does not contain any RPMs.
Go to the following anonymous ftp site:
[tempdir]# ftp updates.redhat.com
Use anonymous as your username and your email address as the
password.
cd to 6.2 and then cd to noarch to download a few updates
that are not specific to a particular architecture:
ftp> cd 6.2
ftp> cd noarch
Do a directory operation to verify:
ftp> ls
That should display a few RPM files of the correct type.
Enable binary mode:
ftp> binary
Obtain all the noarch update RPMs:
ftp> mget *.rpm
Return to the 6.2 directory:
ftp> cd ..
cd to the Alpha or x86 directory, as appropriate:
ftp> cd alpha (or i386)
Do a directory operation to verify:
ftp> ls
That should display a lot of RPM files of the correct type.
Enable binary mode:
ftp> binary
Obtain all the update RPMs:
ftp> mget *.rpm
Once all the RPMs have downloaded, quit ftp and install the
RPMs. Use the RPM -Fvh options to install only those updates
for which you've installed modules.
ftp> quit
.
.
[tempdir]# rpm -Fvh *
If the command displays an error that indicates a dependency
problem (that package foo depends on package bar), install
package bar first by using 'rpm -Uvh bar.arch.rpm' and then
repeat 'rpm -Fvh *'.
When the RPMs have been installed, delete them to recover
some space:
[tempdir]# rm -f *.rpm
Back to top
Obtain the PPTP RPMs and an Optional Site-Specific
Configuration File
You need two RPMs to install PPTP.
Although not a requirement, you can obtain an example
site-specific drop-in configuration file that can be set up
by you or someone in the support group for the network into
which you are tunnelling. (This configuration file can then
be used by anyone else who wants to tunnel into that
network, significantly automating the setup process.)
If using the Netscape browser, hold the shift key down while
you click on a file to transfer it rather than display it.
Go to this external site to get the two RPMs that are
appropriate for either Alpha or x86 (the distinction will be
obvious): http://merced.needsabeating.com/pptp.html
While at this site, you can also get the example drop-in
configuration file, which, when properly completed, works
correctly under both Alpha and x86. (You should get this
file even if you do not intend to use it because it shows
you (or the support group for your network) exactly what
information you will otherwise need to supply in the setup
procedure.)
Put the RPMs and the drop-in configuration file in some
temporary directory (for example, tempdir) on your system.
Back to top
Install the Files
Execute the following commands to install the RPM files:
cd to the directory into which you downloaded the RPMs (for
example, tempdir).
Change to root:
[tempdir]# su root
Install the RPMs. Allow RPM to determine the installation
order:
[tempdir]# rpm -Uvh pp*.alpha.rpm
If you complete the drop-in configuration file (renamed to
config_file in this procedure), install it by copying it to
its directory:
[tempdir]# cp config_file /etc/pptp.d/
Back to top
Set Up PPTP with the Command Script
The PPTP command script, pptp-command, lets you:
Set up necessary internal communications files
Choose tunnels
Connect to tunnels
Disconnect from tunnels
Restore your various communications files (like resolv.conf)
to their default state
Choose a default tunnel
Issue pptp commands from the shell prompt
Do the following to set up PPTP. In the following sequences,
the text you enter is shown in bold.
Run the pptp script:
[yoursys pptp]# pptp-command
The script runs and displays the following list. Choose item
3:
1.) start
2.) stop
3.) setup
4.) quit
What task would you like to do?: 3
The setup portion of the script runs and displays the
following list. Choose item 2:
1.) List CHAP secrets
2.) Add a New CHAP secret
3.) Delete a CHAP secret
4.) List PPTP Tunnels
5.) Add a NEW PPTP Tunnel
6.) Delete a PPTP Tunnel
7.) Configure resolv.conf
8.) Select a default tunnel
9.) Quit
?: 2
The script displays your choice, together with information
about specifying a local name:
Add a NEW CHAP secret.
NOTE: Any backslashes (\) must be doubled (\\).
Local Name:
This is the 'local' identifier for CHAP authentication.
NOTE: If the server is a Windows NT machine, the local name
should be your Windows NT username including
domain.
For example:
domain\\username
Local Name: your_domain\\your_username
The script prompts you for the remote name; take the
default:
Remote Name:
This is the 'remote' identifier for CHAP authentication.
In most cases, this can be left as the default. If must be
set if you have multiple CHAP secrets with the same local
name
and different passwords. Just press ENTER to keep the
default.
Remote Name [PPTP]:
The script prompts you for your password, which is the
password you normally use to log into your system at work
(the system to which you are tunnelling -- the remote
system).
Password:
This is the password or CHAP secret for the account
specified. The
password will not be echoed.
Password: your_password
Adding secret your_domain\\your_username PPTP *****
The script again displays the list for input. Choose 5:
1.) List CHAP secrets
2.) Add a New CHAP secret
3.) Delete a CHAP secret
4.) List PPTP Tunnels
5.) Add a NEW PPTP Tunnel
6.) Delete a PPTP Tunnel
7.) Configure resolv.conf
8.) Select a default tunnel
9.) Quit
?: 5
The script displays your choice and any list of tunnels that
were defined in the drop-in configuration file.
If the drop-in configuration file was not completed and
installed, the only tunnel displayed is "Other" and you must
choose 1. If the configuration file was previously completed
and installed, the script displays the list of tunnels
specified in that file. This step assumes no configuration
file; otherwise, select the tunnel you want and go to step
8.
Note that the rest of this step shows example values that
are for illustration only. Do not specify these example
values; instead use those that are correct for your network
connection.
Add a NEW PPTP Tunnel.
1.) Other
Which configuration would you like to use?: 1
Tunnel Name: my_work_tunnel
Server IP: 192.168.0.1
What route(s) would you like to add when the tunnel comes
up?
This is usually a route to your internal network behind the
PPTP server.
You can use TUNNEL_DEV and DEF_GW as in /etc/pptp.d/ config
file
TUNNEL_DEV is replaced by the device of the tunnel
interface.
DEF_GW is replaced by the existing default gateway.
The syntax to use is the same as the route(8) command.
Enter a blank line to stop.
route: add -host 16.47.207.244 gw DEF_GW
route: add -net 16.0.0.0/8 TUNNEL_DEV
route:
The script displays information about your choice and
redisplays the list. From the list, choose 7 to configure
resolv.conf:
Local Name and Remote Name should match a configured CHAP
secret.
Local Name is probably your NT domain\username.
NOTE: Any backslashes (\) must be doubled (\\).
Local Name: your_domain\\your_username
Remote Name [PPTP]:
Adding my_work_tunnel - 192.168.0.1 -
your_domain\\your_username - PPTP
Added tunnel my_work_tunnel
1.) List CHAP secrets
2.) Add a New CHAP secret
3.) Delete a CHAP secret
4.) List PPTP Tunnels
5.) Add a NEW PPTP Tunnel
6.) Delete a PPTP Tunnel
7.) Configure resolv.conf
8.) Select a default tunnel
9.) Quit
?: 7
The script asks about resolv.conf; take the default.
If you have used a configuration file, choose the option
that is not "Other" (that option is displayed by the
configuration file) and go to Step 10.
If you have not used a configuration file, choose "Other",
which prompts for more information (do not use the examples
shown here):
Use a PPTP-specific resolv.conf during tunnel connections?
[Y/n]:
1.) Other
Which configuration do you want to use?: 1
What domain names do you want to search for partially
specified names?
Enter all of them on one line, seperated by spaces.
Domain Names: hlo.foo.bar
Enter the IP addresses of your nameservers
Enter a blank IP address to stop.
Nameserver IP Address: 192.168.0.2
Nameserver IP Address: 192.168.0.3
Nameserver IP Address:
The script displays information about resolv.conf and
redisplays its list. Select a default tunnel by choosing 8
and then choose 9 to quit the procedure:
Copying /etc/resolv.conf to /etc/resolv.conf.real...
Creating link from /etc/resolv.conf.real to
/etc/resolv.conf
1.) List CHAP secrets
2.) Add a New CHAP secret
3.) Delete a CHAP secret
4.) List PPTP Tunnels
5.) Add a NEW PPTP Tunnel
6.) Delete a PPTP Tunnel
7.) Configure resolv.conf
8.) Select a default tunnel
9.) Quit
?: 8
1.) my_work_tunnel
2.) cancel
Which tunnel do you want to be the default?: 1
1.) List CHAP secrets
2.) Add a New CHAP secret
3.) Delete a CHAP secret
4.) List PPTP Tunnels
5.) Add a NEW PPTP Tunnel
6.) Delete a PPTP Tunnel
7.) Configure resolv.conf
8.) Select a default tunnel
9.) Quit
?: 9
You are returned to your system prompt.
Back to top
Start PPTP with pptp-command
Note that you must be running with root privileges to start
PPTP.
You start PPTP with pptp-command by running the script and
choosing 1:
[your_sys pptp]# pptp-command
1.) start
2.) stop
3.) setup
4.) quit
What task would you like to do?: 1
1.) my_work_tunnel
Start a tunnel to which server?: 1
Tunnel my_work_tunnel is active on ppp0. IP Address:
173.17.217.32
Route: add -net 16.0.0.0/8 ppp0 added
All routes added.
Installed /etc/resolv.conf.pptp as /etc/resolv.conf
Back to top
Stop PPTP with pptp-command
You should always stop PPTP when you are done with the
tunnel because pptp-command then correctly restores the link
to your file resolv.conf. To stop PPTP:
[your_sys pptp]# pptp-command stop
Back to top
Issuing PPTP Commands from the Shell Prompt
You can issue PPTP commands directly from the shell prompt
(without displaying the command list) by running the script
followed by any of the following commands:
start
stop
setup
quit
For example, the following command stops PPTP when you are
done with the tunnel:
[your_sys pptp]# pptp-command stop
Back to top
Need Help?
If you get stuck and want help, contact the Compaq Open
Source support site and post your questions.
Contact Us!
After you get PPTP working, please log into the Compaq Open
Source support site and post what kind of system you are
using, and so forth. This information is very valuable to us
and others who are using PPTP and everyone appreciates it.
Acknowledgements
The following people are mainly responsible for making this
all work:
Vasudevan Arasanipalai
Brian Fisk
Doug Larrick
Robert Muth
Jack Perveiler
Kenneth Schalk
Alan Sherlock
Peter Soderquist
Scott Venier
Jeff Wiedemeier
Written by Charlie Greenman
Maintained by Scott Venier
Revision 1.0.4, January 11, 2001
Back to top
ZA6OTO NIAMA SMISAL OT POLU ISTINI
|
