Thursday, September 20, 2012

VPN on OpenWRT

OpenWrt is Linux based router, where you can manage it through GUI / CLI, below I will show how to setup PPTP VPN server on OpenWrt with CLI.

1. Login to router with putty (win) or ssh client, install pptpd :


opkg update

opkg install kmod-mppe
opkg install pptpd


2. Configure pptpd.



vi /etc/pptpd.conf
option /etc/ppp/options.pptpd 
stimeout 10
localip 10.0.0.1    #this is VPN IP
remoteip 10.0.0.2-254 # this is client IP range


vi /etc/ppp/options.pptpd


logfile /tmp/pptp-server.log

auth

name "pptp-server"
lcp-echo-failure 3
lcp-echo-interval 60
default-asyncmap
mtu 1482
mru 1482
nobsdcomp
nodeflate
noproxyarp
#nomppc
mppe required,no40,no56,stateless
require-mschap-v2
refuse-chap
refuse-mschap
refuse-eap
refuse-pap
ms-dns 8.8.8.8 #google dns server 


3. Add client to PPTP.



vi /etc/ppp/chap-secrets
#USERNAMNAME PROVIDER PASSWORD IPADDRESS
username * password *


4. Start pptpd , remember allow port 1723, 47 for pptp protocol.


/etc/init.d/pptpd enable && /etc/init.d/pptpd restart



5. Install & Configure PPTP client, demo below I using Ubuntu OS.


apt-get install pptp-linux


vi /etc/ppp/peer/pptpd




pty "pptp pptp-domain.com --nolaunchpppd"
name user
remotename pptpd 
require-mppe-128
file /etc/ppp/options.pptp
ipparam pptpd



6. Adding account info.

vi /etc/ppp/chap-secrets

#USERNAMNAME PROVIDER PASSWORD IPADDRESS
username * password *


7. Config the routing path

# nano /etc/ppp/ip-up.d/pptpd
#!/bin/sh 
if [ "${PPP_IPPARAM}" = "pptpd" ]; then
   /sbin/route add -net 192.168.10.0/24 dev ${IFNAME}
fi


8. Connection test


pon pptpd 


verify the connection with ifconfig, should able to view adapter ppp0.


route add -net 192.168.1.0 netmask 255.255.255.0 dev ppp0