Network Manager, PPTP

After this post by Stephen Thorne I was inspired to get PPTP tunneling working with network manager so I can easily get online at LCA2007, and you all can't see what I'm surfing. The plan is to tunnel back through my house. Here is a terse overview of what I did.

  1. Install network-manager package.

  2. Remove entries from /etc/network/interfaces. That pretty much gets network manager working.

  3. Restart network manager with sudo /etc/dbus-1/event.d/25NetworkManager restart. Generally do this after you fiddle with anything behind network-manager's back.

  4. Look for network-manager-pptp package, realise it is only on Ubuntu. Rebuild for Debian. Install and restart.

  5. On my home router, forward port 1723 to my server.

  6. Install pptpd package on server.

  7. # modprobe ppp_mppe on server and laptop

  8. # echo "ianw pptpd password *" > /etc/ppp/chap-secrets on server

  9. Modify the IP parameters in /etc/pptpd.conf on server to be sane.

  10. Modify /etc/ppp/pptpd-options on server to send a local DNS server.

  11. Enable IP forwarding in /etc/sysctl.conf on server

  12. Now, back to my laptop, I add a new VPN connection with network-manager. You can put the following in a file and "import" it, and it may work.

    [main]
    Description=wienand
    Connection-Type=pptp
    PPTP-Server=my.home.server
    Use-Peer-DNS=yes
    Encrypt-MPPE=no
    Encrypt-MPPE-128=yes
    Compress-MPPC=no
    Compress-Deflate=no
    Compress-BSD=no
    PPP-Lock=yes
    Auth-Peer=no
    Refuse-EAP=no
    Refuse-CHAP=no
    Refuse-MSCHAP=no
    MTU=1416
    MRU=1416
    LCP-Echo-Failure=10
    LCP-Echo-Interval=10
    PPP-Custom-Options=
    Peer-DNS-Over-Tunnel=yes
    X-NM-Routes=
    Use-Routes=no
    

    The big trick for me was having Auth-Peer turned off. Restart network-manager after this.

  13. Attempt to connect to your new VPN via network-manager. If you are very lucky, it will "just work". If you are unlucky, you will spend the next few hours staring at the syslogs on both server and client, after turning up the level of debugging for both.
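
Steps 8 to 11 on the server, as an added example that is not from the original post: a shell function that stages the four files under a scratch directory so they can be reviewed before being merged into /etc. The addresses, the account and password arguments, and the choice of `require-mschap-v2` and `proxyarp` are assumptions.

```shell
#!/bin/sh
# Added example, not from the original post. Every value passed in
# (account, password, addresses) is a constructed placeholder.

# stage_pptpd ROOT USER PASSWORD SERVER_IP CLIENT_RANGE DNS_IP
# Writes the server-side files from steps 8-11 under ROOT for review.
# The body is a subshell, so umask and variables do not leak to the caller.
stage_pptpd() (
    root=$1 user=$2 pass=$3 local_ip=$4 range=$5 dns=$6
    # chap-secrets fields are whitespace-separated: reject values that
    # are empty or would split into extra fields or need quoting.
    for v in "$user" "$pass"; do
        case "$v" in
            ''|*[[:space:]\"]*) echo "invalid user or password" >&2; exit 2 ;;
        esac
    done
    umask 077                      # the secrets file must not be world-readable
    mkdir -p "$root/etc/ppp" || exit 1

    # Step 8: client name, server name, secret, allowed client addresses.
    printf '%s pptpd %s *\n' "$user" "$pass" > "$root/etc/ppp/chap-secrets"
    chmod 600 "$root/etc/ppp/chap-secrets"

    # Step 9: the server's tunnel address and the pool handed to clients.
    cat > "$root/etc/pptpd.conf" <<EOF
option /etc/ppp/pptpd-options
localip $local_ip
remoteip $range
EOF

    # Step 10: "name" must match the second chap-secrets field; require
    # 128-bit MPPE to match Encrypt-MPPE-128=yes on the client; send DNS.
    cat > "$root/etc/ppp/pptpd-options" <<EOF
name pptpd
require-mschap-v2
require-mppe-128
ms-dns $dns
proxyarp
EOF

    # Step 11: line to merge into /etc/sysctl.conf (apply with sysctl -p).
    echo 'net.ipv4.ip_forward=1' > "$root/etc/sysctl.conf"
)
```

Note that the redirect in step 8 replaces any existing /etc/ppp/chap-secrets, so merge the staged line by hand if the server already has other accounts.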

My only problem now is how do I get a domain suffix to my laptop so I can easily get to my home network resources, which all live at server.wienand.home, without editing /etc/resolv.conf by hand? Any suggestions welcome!