Linux pptp stumbling blocks that I was hit by
While configuring a pptp on a Linux box I bumped into the several smalish issues which I’d like to blog about.
- Make sure that your network engineers have enabled traffic inspection on all intermediate firewalls between tunnel’s endpoints. Otherwise LCP won’t be able to finish its configuration negotiation phase even if the control channel on TCP port 1723 was successfully established before that.
- If your are running Redhat Linux distro or any of its derivatives and want to start pptp tunnel using ifup command just do the following:
- Create a configuration file /etc/sysconfig/network-scripts/ifcfg-your_connection_name
In my case the content of the file is rather ascetic and depending on your requirements yours might have different options:
DEVICE=ppp0 ONBOOT=yes USERCTL=yes DEFROUTE=no PEERDNS=no
- Make sure that your_connection_name part of /etc/sysconfig/network-scripts/ifcfg-your_connection_name filename matches exactly with the one you have under /etc/ppp/peers/. Otherwise ifup simply won’t fly.
- Now you should be able to fire ip “ifup your_connection_name” and a just moment after you should have your tunnel up and running.
All you would get is the admonitions similar to the ones listed below:
pppd call connection_name debug nodetach using channel 5 Using interface ppp0 Connect: ppp0 <--> /dev/pts/2 sent [LCP ConfReq id=0x1] sent [LCP ConfReq id=0x1 ] sent [LCP ConfReq id=0x1 ] sent [LCP ConfReq id=0x1 ] sent [LCP ConfReq id=0x1 ] sent [LCP ConfReq id=0x1 ] sent [LCP ConfReq id=0x1 ] Modem hangup Connection terminated. Script pptp xxx.xxx.xxx.xxx --nolaunchpppd finished (pid 10385), status = 0x0
Just remember, that without working LCP there will be no ppp connection. Period.
Have a stable connection!