[PLUG] Replacing a Windows PPTP server with Linux
Matt Alexander
lowbassman at gmail.com
Wed Feb 23 01:35:43 UTC 2005

I recently replaced a Windows PPTP server with Linux. Here's what I
did in case anyone else would like to do the same.

This is a Fedora Core 3 box.

I installed the following from www.poptop.org:

    dkms-2.0.5-1.noarch.rpm
    kernel_ppp_mppe-0.0.5-2dkms.noarch.rpm
    pptpd-1.2.3.tar.gz

Then I built and installed pppd from source from ppp.samba.org
(patched to use winbind):

    ppp-2.4.3.tar.gz

Next, I set up smb.conf:

    [global]
    workgroup = mydomain
    realm = mydomain.com
    server string = myservername
    load printers = no
    log file = /var/log/samba/%m.log
    security = ads
    socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
    local master = no
    domain master = no
    preferred master = no
    wins server = 172.16.1.100
    dns proxy = no
    winbind uid = 10000-20000
    winbind gid = 10000-20000
    winbind use default domain = yes

Then join the computer to the domain:

    net join -U somedomainadmin

Edit /etc/pptpd.conf:

    option /etc/ppp/options.pptpd
    ppp /usr/local/sbin/pppd
    localip 172.16.4.50
    remoteip 172.16.100.100-150

Edit /etc/ppp/options.pptpd:

    lock
    debug
    noauth
    name pptpdev
    nobsdcomp
    proxyarp
    refuse-pap
    refuse-mschap
    require-mschap-v2
    require-mppe-128
    ms-dns 172.16.1.100
    ms-dns 172.16.2.100
    defaultroute
    plugin winbind.so
    ntlm_auth-helper "/usr/bin/ntlm_auth --helper-protocol=ntlm-server-1"

Enable IP forwarding in /etc/sysctl.conf:

    net.ipv4.ip_forward = 1

Start up winbind:

    service winbind start

Start up pptpd:

    /usr/local/sbin/pptpd

Power down old Windows VPN server:

    Start -> Shutdown...
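
The following is an added example, not part of the original post: a small shell check that a pppd options file still carries the four authentication and encryption options the post sets in /etc/ppp/options.pptpd, and that no option admitting a weaker method has crept in. The function names and the list of conflicting pppd options are choices made for this example.

```shell
#!/bin/sh
# Added example (not from the original post): audit pppd options read on stdin.

# Options the post's /etc/ppp/options.pptpd sets; all must stay present.
REQUIRED="refuse-pap refuse-mschap require-mschap-v2 require-mppe-128"
# Real pppd options that would admit a weaker method, a weaker cipher, or no
# MPPE at all (the selection is this example's choice).
CONFLICTS="require-pap require-chap require-mschap require-mppe-40 nomppe nomppe-128"

# Print the option name (first word) of every active line, dropping comments.
active_options() {
    sed -e 's/#.*$//' | awk 'NF { print $1 }'
}

# Print one line per finding; exit status is 0 only when there are none.
audit_pptpd_options() {
    opts=$(active_options)
    findings=0
    for want in $REQUIRED; do
        if ! printf '%s\n' "$opts" | grep -Fqx -e "$want"; then
            echo "MISSING $want"; findings=$((findings + 1))
        fi
    done
    for bad in $CONFLICTS; do
        if printf '%s\n' "$opts" | grep -Fqx -e "$bad"; then
            echo "CONFLICT $bad"; findings=$((findings + 1))
        fi
    done
    [ "$findings" -eq 0 ]
}

# The authentication-related lines of the post's options.pptpd, as sample input.
post_options() {
    cat <<'EOF'
lock
noauth
name pptpdev
refuse-pap
refuse-mschap
require-mschap-v2
require-mppe-128
plugin winbind.so
EOF
}

post_options | audit_pptpd_options && echo "policy intact"
```

To check a live file, feed it on standard input: `audit_pptpd_options < /etc/ppp/options.pptpd`.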