pptpconfig dotpup to setup PPTP VPN connection

[HairyWill]

Here's my first software contribution, to install pptpconfig plus required libraries: http://www.ecs.soton.ac.uk/~wmd04r/puppy/pptpconfig.pup For anyone that wants it the source and build script are at the same location: http://www.ecs.soton.ac.uk/~wmd04r/puppy/

It provides a GUI, pptpconfig to assist in setting up PPTP VPN connections.
pptpconfig:Primary author and maintainer: James Cameron <quozl@us.netrek.org> website: http://quozl.netrek.org/pptp/pptpconfig/
If the debug info option is enabled it will give infomation that may help in troubleshooting a non-working connection. See the pptpclient site at http://pptpclient.sourceforge.net/ for explanations of error messages and also for help on encryption settings.
I still haven't worked out how to get my VPN connection to work without using pptpconfig.
I have not included an upgrade for pptpclient, if you are having problems connecting then upgrading the version included with puppy might help.

INCLUDED:
libglade-0.17
libxml-1.8.9
php-4.4.4 (compiled for pcntl support)
php_gtk-1.0.2
pptpconfig-20060821

With the exception of pptpconfig, I have pruned these packages extensively. PHP in particular has had all but the minimum functionality to allow pptpconfig removed.
WARNING: If you already have PHP installed then the PCNTL version of PHP included here may mess up your existing php.

LIMITATIONS
1) The current busybox implementation of the 'ip' command seems to be lacking some functionality you will probably need to replace it with a full version. I use one from Ubuntu Dapper that works well for me. I am unsure of the licensing issues invoved in distributing this file so you can either find your own or PM me on the forum and I should be able to help.
2) pptpconfig doesn't manage to get my DNS working and screws it up after the tunnel is closed. After you get a VPN tunnel up you will need to put a nameserver entry into /etc/resolv.conf, for example:
sh-3.00# echo 'nameserver 152.78.70.1' > /etc/resolv.conf
I don't know how you automatically find the address of a DNS server if pptpconfig doesn't tell you.
After you have closed the tunnel to restore your DNS server do:
sh-3.00# cp /etc/resolv.conf.sv /etc/resolv.conf

[MU]

mirror (with screenshot):
http://dotpups.de/dotpups/Network/pptpc ... pGtk-4.4.4

I added a dotpup with "ip" (only 1 file, it overwrites /bin/ip from busybox).
The full iproute.deb is in the /source folder, but should/might no be required. It could be installed with PSI.

I just tested if the grafical program starts, but did not test the functionality of the whole program itself.

Fine to see our first PHP/Gtk application in Puppy
I wrote some smaller programs with it myself some years ago.
Mark

P.s. now I know what your nick means

[HairyWill]

Thanks MU I hope somebody finds it useful.
I've never tried programing in PHP-GTK myself. It was a bit of a learning curve to get it working on puppy. It took me a while to work out that libxml2 and libglade2 didn't provide the neccessary libs.

P.s. now I know what your nick means

hair... is redundant.

[ivanivanovbg]

Thanks MU I hope somebody finds it useful.
I've never tried programing in PHP-GTK myself. It was a bit of a learning curve to get it working on puppy. It took me a while to work out that libxml2 and libglade2 didn't provide the neccessary libs.

P.s. now I know what your nick means

hair... is redundant.

I am using puppy 2.14 live CD. My internet provider uses vpn connection over lan. It works pretty well under windows, but I cann't set it to work under puppy 2.14 live cd.
I would be very grateful if someone help me. Thanks in advance!

[RobertB]

I got out of 2am system checks because I didn't have a Windows box at home, but my sympathy for my co-workers got the better of me. I tried the Cisco VPN client in Pizzasgood's PCPuppyOS, but it didn't connect to the work server at all. Luckily, our guy who requests IDs suggested searching on PPTP, which led (eventually) to this thread!

From the internal network, RemoteDesktopClient (and RDesktop) works great! Once all the access was set up, I was able to connect to my Windows workstation after all.

But outside of the internal network, I need to use PPTP. The packages from HairyWill do everything promised... I installed the pptpconfig.pup and his version of the "IP" command, and it runs with diagnostic messages in a window and everything.

The result: bad. I couldn't get to anything on the work network, and in fact I couldn't get to anything at all. The only thing I could successfully do was ping the VPN server... and then only by IP address, not by vpn.mycompanyname.com (not a real vpn server ).

It took a lot of poking and learning about VPN tunnelling to figure out what I was doing wrong. The default setting doesn't redirect all network requests! It was configured to only redirect those requests going to the IP address of the VPN server. I figured this out when I finally realized the significance of the two network connection icons in the system tray: the only thing that caused the ppp0 icon to blink was pinging the server.

So I went to the second tab ("network", I think -- I'm sitting at my work box now) and told pptpconfig to route ALL network traffic via the VPN tunnel. And found a bug! As soon as I attempted any network activity (or if something tickled the network automatically), the "to server" light on the ppp0 icon turned solid green, and the byte counter on the pptpconfig status screen went haywire. In just a few minutes, it had pushed 100MB down the pipe! Fortunately, nobody else at Schlotzky's was using the network, and I haven't gotten a call from the network guys here! I stopped it (using the buttons on the interface) and things terminated normally.

Lucky for me, there's another option -- to specify IP ranges to redirect. I simply specified 256.512.0.0/16 (obviously not the actual IP), and I was all set. Pinging 256.512.x.x generated activity in both blinkies, and reached its target on the network. And remotedesktopclient worked! I get to wake up at 2am tonight, yay!

Still one glitch, though. I had to specify my PC's IP address to remotedesktopclient, because DNS still wasn't working. But I think that's because I didn't include 10.x.x.x -- the company nameservers referenced in /etc/resolv.conf after pptpconfig makes its connection. I bet when I add 10.0.0.0/24 to the IP Range list, it'll work just fine. And even if it doesn't, I've done what I (and everyone here) thought was impossible: using my outdated Linux box to get work done from home.

Now, making the whole thing work over my dialup connection... might be another issue entirely.

PS: I'm running Puppy 2.17 on an old Compaq P3 laptop.

Side note: Strangely, this thread doesn't come up on a forum search for "pptpconfig". I ended up posting most of this information in the remotedesktopclient thread.

[HairyWill]

glad you got it working
I think the forum search only includes posts less than a year old
pptpconfig
pptp
vpn
taken care of for another 12 months

I have to route everything via the tunnel for my connection to uni

dns seems to work ok for me at the moment, it is possible that my dns problems were caused by a less than perfect dhcp daemon in the version of puppy I was using.

[RobertB]

Thanks! I'm able to make it work, but not entirely consistently.

From the dialup at home, about half the time I get the infinite upload condition -- the outbound ppp0 "to server" light is solid, and the monitor shows 100+ MB per minute being sent. Unless Puppy has a way of giving a twisted-pair phone line the performance of a T-1, I think we've got a software glitch, and no actual transmission is occurring in that situation. Which is good, because I don't want to have to explain the situation to the network folks.

I still haven't been able to get internal DNS lookups working, but that may just be because I got it working using IP addies and haven't kept poking. The critical work-related stuff happens at 2am or 4am, which is not my primary hacking-around time.

If I get a chance, are there any log files I should grab next time the (not-so-)infinite upload occurs?

[HairyWill]

I'm afraid I'm not going to be much help.
You might learn something with the debugging option turned on that rings some bells at the sourceforge site linked in the first post.

It looks like debian based distros are moving over to a network manager plugin instead of pptpconfig but I haven't yet managed to make that work in my debian lenny install.

Which version of puppy are you using? It has worked for me with every trunk release since I created it. Though I'm not sure if it will still compile and I've only ever used with two VPN servers. It doesn't work at all in any of the dingo alphas and I don't think it ever will because of the GTK support needed.

good luck.

[RobertB]

I'm afraid I'm not going to be much help.
You might learn something with the debugging option turned on that rings some bells at the sourceforge site linked in the first post.

It looks like debian based distros are moving over to a network manager plugin instead of pptpconfig but I haven't yet managed to make that work in my debian lenny install.

Which version of puppy are you using? It has worked for me with every trunk release since I created it. Though I'm not sure if it will still compile and I've only ever used with two VPN servers. It doesn't work at all in any of the dingo alphas and I don't think it ever will because of the GTK support needed.

good luck.

I'm on 2.17 -- Puppy 3.01 doesn't seem to have ever really stabilized. If I find out anything else, I'll post it -- though for now, since it works at 2am, I bet I don't get a chance to poke it as much as I ought to.

[lalope]

Hi

Maybe you guys already knew this, but some VPN servers are set so all traffic must go through them; this might explain why this setting is required on some cases.

I also seem to have fallen into the infinite upload condition. Something else I've noticed is that after a few tries, it's unable to connect anymore (the "channel number" increases by 1 every time, I don't know if this is related to that).

In any case, even after I connect (I even get an IP for interface ppp0!) I haven't been able to connect to anything on the remote network... Gonna take a look on the http://pptpclient.sourceforge.net/ site, and hope some light shines

Regards

[paulh177]

It doesn't work at all in any of the dingo alphas and I don't think it ever will because of the GTK support needed.

Not so, Will, as we established here, which was under 4.1a4.
I haven't tested under 4.1a6 but might have a go if i have a minute

paul

[RobertB]

In any case, even after I connect (I even get an IP for interface ppp0!) I haven't been able to connect to anything on the remote network... Gonna take a look on the http://pptpclient.sourceforge.net/ site, and hope some light shines

Regards

That was the problem I had before I found the option to "route all through client", or something like that. But the last time I tried (last month), I got the infinite-connection problem most of the time, and the one time I got it to work I couldn't get remotedesktopclient to connect, so I gave up and went in to the office.

[HairyWill]

paul, sorry I wasn't reading carefully enough. I didn't realise that you had used pptpconfig to setp the tunnel. I presume you installed the gtk1 libs to get it to work.


lalope, so the problem is routing or maybe dns(?). My work policy insists that I route everything through the tunnel.

[paulh177]

will, yes i added gtk1 as you had suggested, plus petget detected a host of dependencies with that, so it is a bit messy . but it does work.

[lalope]

It worked one day (yielding the infinite upload condition), now it doesn't connect at all.
I get a "timeout sending LCP requests" or something of the sort; after some head banging it seems to me there's some traffic filtering at some point that filters out my GRE packets to the server (Windows server BTW, and it works from a Windows XP machine (not trying at the same time, I'm aware some servers may forbid two connections from same IP, and I'm behind a NAT)). So I intend to bang my head a bit harder against the wall, but only when I have some spare time...

Anyway, thanks for the package and good luck to all.

[RobertB]

Do you mean you kept trying until you got a connection without "infinite upload", or did you find a way to make it quit failing in that particular way?

[HairyWill]

Sometimes my router gets confused if I have a tunnel open from one machine, then close the tunnel and soon after try and open a tunnel from a different machine. I would recommend rebooting the router just in case.

I presume you have replaced the busybox ip command with the full one.

I don't use pptpconfig anymore. Here is the script I run by hand, it works in several puppy versions providing I have installed ip. The routing sends all traffic via the tunnel

Code: Select all

#!/bin/sh
cp /etc/resolv.conf /etc/resolv.conf.orig
pptp 152.78.A.B user MYNAME password MYPASSWORD hide-password noauth debug require-mppe

IP=$(ifconfig  | grep 'inet addr' | egrep -v '127.0.0.1|P-t-P' | cut -f 2 -d ':' | cut -f 1 -d ' ')
route -n #(after pppd exit)
echo
sleep 1
ip route replace 152.78.A.B via 192.168.1.1 dev eth0 src $IP
route del default
sleep 1
route -n
route add default dev ppp0
sleep 1
route -n #(after completion)

[lalope]

HairyWill, you're my new hero.

That script works exactly as advertised, I could connect to the VPN and see the servers.

Maybe I'll try some tweaking, but the important thing (the VPN!) is up and running.

Thanks a lot!

[paulh177]

The routing sends all traffic via the tunne

that's why i liked your pptpconfig, because you had sorted out the routing options so i could have the tunnel open and my vpn running but still use my browser, email etc accessing local machines and the rest of the internet transparently.
or have i misunderstood? (as so often with routing and ip ... )

paul

[HairyWill]

that's why i liked your pptpconfig

Just in case there is some misconception I didn't write it.
http://sourceforge.net/project/showfile ... p_id=33063