• О проекте
  • Контакты
  • Форум
Главное меню
  • На главную
  • Поиск
Разделы
  • SysAdmin
    • Linux
      • Apache
      • Dial-in сервера
      • DNS
      • Gentoo
      • Samba
      • SpamAssassin
      • FTP
      • IPTables
      • LDAP
      • Почтовые системы
      • Программирование под Linux
      • Разное
      • KDE
      • SSH
      • SQL
      • Crypto
    • Microsoft
      • ISA
      • Exchange Server
      • Active Directory
      • Outlook
      • Windows Server
      • Windows XP/Vista/7
    • Citrix
    • Cisco
    • Mikrotik
    • PBX и VoIP
    • Virtual
    • Asterisk
  • Разное интересное
  • tmp
Login Form



  • Забыли пароль?
  • Забыли логин?

PostHeaderIcon HOWTO PPP Dial In Server

Взято:http://www.gentoo-wiki.info/HOWTO_PPP_Dial_In_Server

Contents

  • 1 Introduction
  • 2 Goals
  • 3 Hardware Requirements
  • 4 Software Requirements
  • 5 Configure your kernel
    • 5.1 Get the latest source
    • 5.2 Patch the kernel
    • 5.3 Configure your kernel
    • 5.4 Compile your kernel
  • 6 Get the tools
    • 6.1 Necessary packages
    • 6.2 Configuring portage

Introduction

The point of this HOW-TO is to explain how to setup a dial-in PPP server with dial back support. The reason for this how-to is that at the time of writing, the linux pppd only supports the CBCP client protocol. This led to hours of frustraion for me to do something as simple as call back and I am sure that this will help someone else.

Goals

My goals for this project was to setup a PPP dial-in / dial-back server authing off a Microsoft Active Directory Server. The server would have to support MPPE (encryption) and optionally support MPPC. (compression) All access would be controlled from the Active Directory server.

Hardware Requirements

  1. You should have a modem or modems. I used the Eicon Diva Server PRI card which can support 30 simultaneous calls.

Software Requirements

  1. You should have a Linux system and you should be familiar with kernel installation.
  2. If you want to auth via Active Directory, you will need to install the Microsoft Internet Authentication Service.
  3. A patched kernel with the MPPE/MPPC module if this is a requirement.
  4. A patched pppd that support CBCP server.
  5. mgetty to answer incoming calls.

Configure your kernel

Get the latest source

Make sure you have recent kernel (version numbers are reflecting latest version at the time of this writing, and will likely differ as time goes by):

emerge gentoo-sources
cd /usr/src
unlink linux
ln -sf linux-2.6.14-gentoo-r5 linux (change according to your kernel version)

Patch the kernel

You have to get the patch and apply it to your kernel sources. Download it from here. Make sure you match the patch version with you kernel version. (Note that use of this software in the US may violate patent law. See here)

Note: The patch for kernel 2.6.13 applies to 2.6.14 without errors. Linux 2.6.15 by has MPPE included by default. MPPC is however not part of it. You can still get MPPC to work by removing the MPPE patch that was integrated into 2.6.15 and then applying the MPPC/MPPE patch. (Suggestion from here.)

2.6 gentoo-sources kernel:

cd /usr/src
wget -c http://mppe-mppc.alphacron.de/linux-2.6.13-mppe-mppc-1.3.patch.gz link
cd linux
zcat ../linux-2.6.13-mppe-mppc-1.3.patch.gz | patch -p1

2.4 gentoo-sources kernel:

cd /usr/src
wget -c http://mppe-mppc.alphacron.de/linux-2.4.28-mppe-mppc-1.2.patch.gz link
zcat ../linux-2.4.28-mppe-mppc-1.2.patch.gz | patch -p1

Configure your kernel

I always compile these things as modules, don't know if they work otherwise. These are the recommendations from the pptpclient project, your connection will not need all of them, but for maximum flexibility/compatibility you should select all of these:

cd /usr/src/linux
make menuconfig

If a module has a --- instead of the selection box, another module required it, so it is already selected.

Kernel 2.6:

 Device Drivers --->
Networking support --->
PPP (point-to-point protocol) support
PPP support for async serial ports
PPP support for sync tty ports
PPP Deflate compression
PPP BSD-Compress compression
Microsoft PPP compression/encryption (MPPC/MPPE)
Cryptographic options --->
[*] Cryptographic API
[*] HMAC support
MD5 digest algorithm
SHA1 digest algorithm #this one is required
SHA256 digest algorithm
SHA384 and SHA512 digest algorithms
DES and Triple DES EDE cipher algorithms ###this one is commonplace too (recommended)
ARC4 cipher algorithm #this one is required

Kernel 2.4:

Network device support  --->
PPP (point-to-point protocol) support
PPP support for async serial ports
PPP support for sync tty ports
PPP Deflate compression
PPP BSD-Compress compression
Microsoft PPP compression/encryption (MPPC/MPPE)
Cryptographic options --->
[*] HMAC support
MD5 digest algorithm
SHA1 digest algorithm #this one is required
SHA256 digest algorithm
SHA384 and SHA512 digest algorithms
DES and Triple DES EDE cipher algorithms ###this one is commonplace too (recommended)
AES cipher algorithms
ARC4 cipher algorithm #this one is required

 

Compile your kernel

Change arch and kernel name as appropriate:

Kernel 2.6:

make
make modules_install
mount /boot
cp arch/i386/boot/bzImage /boot/2.6.14-gentoo-r5

Kernel 2.4:

make dep
make
make modules
make modules_install
mount /boot
cp arch/i386/boot/bzImage /boot/2.4.28-gentoo-r8

Configure your bootloader as appropriate (in my case I use GRUB). For a quick GRUB reference look at Step 3 in HOWTO_Quick_GRUB, or look at Configuring the Bootloader on the Gentoo Handbook.

Don't forget to reboot into your new kernel.

Get the tools

Necessary packages

You will need the following packages:

net-dialup/mgetty
net-dialup/ppp

Unfortunately you will need to use a patched ppp which is not part of portage.

Configuring portage

You will have to install or recompile ppp with the mppe-mppc dhcp radius eap-tls USE flag. If you don't need any of the features mentioned, don't include them in your flags. Portage gives you several options for that:

You can edit /etc/make.conf and enable mppe-mppc dhcp radius eap-tls system-wide, by adding it to your USE variable:

File: /etc/make.conf
  USE="mppe-mppc dhcp radius eap-tls"

Alternatively, you can edit /etc/portage/package.use and enable the mppe-mppc USE flag to the ppp package only:

File: /etc/portage/package.use
  net-dialup/ppp mppe-mppc dhcp radius eap-tls

After you have configured the USE flag, emerge the packages:

emerge ppp
 

Copyright © 2010 MiaNet.RU.
All Rights Reserved.

Designed by tim.