Vpn connection ubuntu. Setting up a VPN connection in Linux. Why you should download VPN on Linux

Instructions

Check if PPP support exists in your operating system kernel. The easiest way to do this is by looking at the values ​​of the options with the CONFIG_PPP prefix in the current kernel configuration file. It is usually installed in the / boot directory and has a name starting with config. Find out the name of this file using the command
ls / boot
or
ls / boot | grep conf
Print the lines you want with cat, filtering with grep. For example:
cat /boot/config-2.6.30-std-def-alt15 | grep PPP
Parse the lines containing the CONFIG_PPP, CONFIG_PPP_ASYNC, CONFIG_PPP_SYNC_TTY options. If there is no # symbol in front of them, the corresponding functionality is supported (for values ​​of m - in the form of an external module, for values ​​of y - it is included in the kernel).

Check if the client software for establishing VPN connections is installed on the system. The required package usually has a name starting with pptp. Use apt-cache with the search option to find the required package in the available repositories and rpm with the -qa option to check if the package is installed. When working in a graphical environment, it may make sense to use programs such as synaptic.

Install the missing software. Use the appropriate package managers (apt-get, rpm in the console, synaptic in the graphical environment, etc.). If you installed the ppp package with kernel modules to support the appropriate protocol, restart your computer.

Try configuring the VPN using configuration scripts such as pptp-command or pptpsetup. They are often included in VPN client software packages. For help on the command line parameters of these utilities, use their launch with the --help option. For example:
pptpsetup --help
If no configuration scripts have been installed, proceed to the next step to manually configure the VPN.

Create a directory / etc / ppp with a file named chap-secrets. Open the file in a text editor. Add a line like this to it:
LOGIN SERVER PASSWORD *
The LOGIN and PASSWORD values ​​are username and password. They must be provided by your VPN service provider. Replace SERVER with an arbitrary connection name or *.

Create directory / etc / ppp / peers. Create a file in it that has the same name as the SERVER value from the previous step (or an arbitrary name if * was specified). Edit this file to add information like:
pty "pptp SERVER --nolaunchpppd"
name LOGIN
ipparam SERVER
remotename SERVER
lock
noauth
nodeflate
nobsdcomp
The LOGIN and SERVER values ​​here are the same as in step 5. This completes the VPN configuration on Linux.

Configuring with Network Manager "a

Whatever it was, but still describe the vpn setting using network-manager "a. This setting is quite suitable for those who use automatic obtaining of an IP address using DHCP in their connection to the network.

1. Install the two packages we need:
# apt-get install pptp-linux network-manager-pptp
Since these packages are not on the ubuntu disk by default, and vpn often has to be configured on a machine that no longer has another Internet connection, I advise you to stock up on these packages from the official repository in advance. To do this, go to the packages.ubuntu.com/ site, look for these two packages there, download them and then install them on the machine we need.
2. If the VPN Connections item does not appear in the Network Manager applet or it will not open, then you need to re-login or even better - reboot.
3. Press the left mouse button (the right button brings up another menu) on the Network Manager icon "and in the drop-down menu select" VPN connections "-" Configure VPN ". Add a new connection and set all the necessary options for this connection ...
4. After that, your connection should appear in the "VPN connections" menu, if it suddenly does not appear - re-login or reboot (well, what can I do, as long as this network-manager is still crude).
5. Everyone can now connect to the VPN connection you created (as well as disconnect by selecting the menu item in the Network Manager "e).

# apt-get install pptp-linux

As I already described above in the installation section using network-manager "a, vpn often needs to be configured on a machine that no longer has another Internet connection, so I advise you to stock up on this package in advance from the official repository packages.ubuntu.com/.

2. Edit the options.pptp file:
#nano /etc/ppp/options.pptp

lock noauth nobsdcomp nodeflate persist

I will not describe each of the parameters, I will describe only a few:
persist - this parameter tries to reopen the connection when it is closed;
nodeflate - do not use deflate compression (although they say it works faster with it, I don't know - I haven't tested it).
Also, if your connection uses encryption, then add one of the lines, depending on the type of encryption - require-mschap-v2, require-mppe-40, require-mppe-128, require-mppe.

3. Create a connection file / etc / ppp / peers / vpn (you can replace the vpn name with any other, but if you change it, do not forget to change it further in this article)

#nano / etc / ppp / peers / vpn

We insert the following lines there:
maxfail 0 lcp-echo-interval 60 lcp-echo-failure 4 defaultroute pty "pptp vpn.ava.net.ua --nolaunchpppd" name sukochev remotename PPTP + chap file /etc/ppp/options.pptp ipparam vpn

Attention!!! Be sure to replace the following options with yours:
Instead of vpn.ava.net.ua, enter the address of your vpn server (you can use the server's IP). Instead of sukochev, insert your login.
I will describe some parameters:
maxfail 0 - always try to connect if there is no connection;
lcp-echo-interval - time interval after which the remote side is polled;
lcp-echo-failure - the number of unanswered requests from the remote side, after which the system considers us to be disabled;
defaultroute - set the default route;
+ chap - authentication type. Besides + chap, the + pap type can be used.
file - read additional settings from the specified file.
You can also add the following parameters if needed:
deflate 15,15 - use deflate compression (there should not be a nodeflate parameter in the options.pptp file);
mtu - the maximum size of the transmitted packet (this parameter is usually changed when the connection is often disconnected or some sites do not open);
mru is the maximum size of a received packet.

4. Edit the file / etc / ppp / chap-secrets (if the PAP authentication type is used, then / etc / ppp / pap-secrets, respectively)

#nano / etc / ppp / chap-secrets

We insert a line there, like:

Sukochev PPTP password *

Attention!!! Replace sukochev with your username, and password with your password to connect.
5. If necessary, add the necessary routes to the / etc / network / interfaces file. For example, my routes are registered so that when the vpn connection is turned on, I can use the local local network. Here is an example of my routes (those that start with up route), they will naturally differ for you:

Auto eth1 iface eth1 inet dhcp up route add -net 10.1.0.0 netmask 255.255.0.0 gw 10.1.45.1 dev eth1 up route add -net 10.3.0.0 netmask 255.255.0.0 gw 10.1.45.1 dev eth1

Do not forget to restart network connections after changing the / etc / network / interfaces file:

# / etc / init.d / networking restart

6. Now you can enable and disable VPN connection using the following commands:
Turning on

Shutdown

Automatic VPN connection at system boot

To do this, edit the file / etc / network / interfaces
#nano / etc / network / interfaces

And insert the following lines at the end of the file:
auto ppp0 iface ppp0 inet ppp provider vpn pre-up ip link set eth1 up up route del default up route add default dev ppp0

Where eth1 is the interface of the network device through which the vpn connection is connected, and vpn is the name of the vpn connection that you created in the / etc / ppp / peers / folder.

Setting up a VPN connection in Debian

Here is an example of how to set up a VPN connection for Debian Linux via the command line. But it will be no less useful to owners of distributions based on Debian, for example, Ubuntu.

1. First you need the pptp package:
   # apt-get install pptp-linux
2. We edit (or create, if it does not exist) the /etc/ppp/options.pptp file. It should contain the following parameters:
   lock
   noauth
   nobsdcomp
   nodeflate
3. Next, you need to add a line like this to the / etc / ppp / chap-secrets file:
   “Username” PPTP “password” *
4. Create a file / etc / ppp / peers / XXX (XXX is the name of the network). Write the following in it:
   pty "pptp vpn.XXX.ru --nolaunchpppd"
   name "username"
   remotename PPTP
   file /etc/ppp/options.pptp
   defaultroute
   “Username” and “password” must be replaced with your username and password without quotation marks, as specified in your agreement. vpn.XXX.ru - vpn server address - ask your provider.
5. To automatically replace the default route, create the /etc/ppp/ip-up.d/routes-up file:
   # su touch /etc/ppp/ip-up.d/routes-up
   # su chown a + x /etc/ppp/ip-up.d/routes-up

   And we enter the following into it:
   #! / bin / sh
   / sbin / route del default
   / sbin / route add default dev ppp0
   Create a file /etc/ppp/ip-down.d/routes-down:
   # su touch /etc/ppp/ip-down.d/routes-down
   # su chown a + x /etc/ppp/ip-down.d/routes-down
   And we enter the following into it:
   #! / bin / sh
   / sbin / route del default
   / sbin / route add default dev eth0

6. Now you can connect with the command:
   # su pon XXX
   For a detailed display of information about the connection process, type:
   # su pon XXX debug dump logfd 2 nodetach
   You can check if you are connected to the VPN by typing the ifconfig command. If its output contains the ppp0 section, then you are connected and can start working with the Internet. To disable, press ctrl + c, or type:
   # su poff XXX
7. In order for your computer to receive routes from our server, the following lines must be present in the /etc/dhcp3/dhclient.conf file:
   #
   option rfc3442-classless-static-routes code 121 = array of unsigned integer 8;
   option ms-classless-static-routes code 249 = array of unsigned integer 8;
   #
   request subnet-mask, broadcast-address, time-offset, routers, domain-name, domain-name-servers, domain-search, host-name, netbios-name-servers, netbios-scope, interface-mtu, static-route , rfc3442-classless-static-routes, ms-classless-static-routes;
   #
8. To automatically connect to the Internet when loading the operating system, create a file / etc / init.d / XXX
   # touch /etc/init.d/XXX
   # su chown a + x /etc/init.d/XXX
   # su ln -s /etc/init.d/XXX /etc/rc2.d/S99XXX
   Let's write it in the following:
   #! / bin / sh
   su / usr / bin / pon XXX

In all commands, XXX is the name of your network.

In the latest versions of ubuntu, it is possible to configure a VPN connection using a graphical interface. Consider setting up a VPN.

We need 2 packages. These are pptp-linux and network-manager-pptp packages. You can download them using the links:

Remember, you need to download packages for your architecture (32- or 64-bit).

After downloading, install the packages in the appropriate order. First, we put pptp-linux, after network-manager-pptp.

After installation network-manager-pptp we reboot the system.

After rebooting, we find in the upper right corner the icon representing two monitors, and click on it with the left mouse button.

Find puntk "Configure VPN ..." and click on it.

After that, another window will appear.

In a new window, specify the connection name and the address of the vpn server. In my case, the name is "Aist", and the server address (gateway) is server.avtograd.ru

(Click on the picture to enlarge)

After the data is entered, go over the tabs "Authentication", Compression & Encryption etc. and fill in the data. Not yet clicking the "Next" button.

As for me personally, I did not change anything on these tabs, and left everything as it is. What to change and what not depends on your provider.

After all the settings are made, click "Further".

Another window appears.

Push the button Apply... Configuring VPN connection parameters is now complete.

Now we connect to the Internet. Left-click again on the same dual-monitor icon and select the connection you created. In my case it is "Aist".

In the window that appears, enter our username and password to connect to the network and click "OK".

All is ready. Stable internet connection =).

Material specially prepared for myubuntu.ru.

VPN setup on Ubuntu

I didn't think to write this article, but since in Ubuntu 8.04, Network Manager was not done so normally when working on a network with static IP addresses, I will still describe how I manually configure my VPN connection.

Configuring with Network Manager "a

Whatever it was, but still describe the vpn setting using network-manager "a. This setting is quite suitable for those who use automatic obtaining of an IP address using DHCP in their connection to the network.
1. Install the two packages we need:

Since these packages are not on the ubuntu disk by default, and vpn often has to be configured on a machine that no longer has another Internet connection, I advise you to stock up on these packages from the official repository in advance. To do this, go to the site http://packages.ubuntu.com/, there we look for these two packages, download them and then install them on the machine we need.
2. If the "VPN Connections" item does not appear in the Network Manager applet or it will not open, then you need to re-login or even better - reboot.
3. Press the left mouse button (the right button brings up another menu) on the Network Manager icon "and in the drop-down menu select" VPN connections "-" Configure VPN ". Add a new connection and set all the necessary options for this connection ...
4. After that, your connection should appear in the "VPN connections" menu, if it suddenly does not appear - re-login or reboot (well, what can I do, so much, still, this crude network-manager :().
5. Everyone can now connect to the VPN connection you created (as well as disconnect by selecting the menu item in the Network Manager "e).

Manual setting

Further I describe the setting for my connection, your setting should differ in the input data, and may also differ in the input parameters.
1. Install the package pptp-linux:

As I described above in the installation section using network-manager "and, vpn often needs to be configured on a machine that no longer has another Internet connection, so I advise you to stock up on this package in advance from the official repository http://packages.ubuntu.com /.
2. Editing the file options.pptp:

nano /etc/ppp/options.pptp

lock
noauth
nobsdcomp
nodeflate
persist

I will not describe each of the parameters, I will describe only a few:
persist- this parameter tries to reopen the connection when it is closed;
nodeflate- do not use deflate compression (although they say it works faster with it, I don’t know - I haven’t tested it).
Also, if your connection uses encryption, then add one of the lines, depending on the type of encryption - require-mschap-v2, require-mppe-40, require-mppe-128, require-mppe.
3. Create a connection file / etc / ppp / peers / vpn(title vpn you can replace it with any other, but if you replace, do not forget to change it further in this article)

nano / etc / ppp / peers / vpn

We insert the following lines there:

maxfail 0
lcp-echo-interval 60
lcp-echo-failure 4
defaultroute
pty "pptp vpn.ava.net.ua --nolaunchpppd"
name sukochev
remotename PPTP
+ chap
file /etc/ppp/options.pptp
ipparam vpn

Attention!!! Be sure to replace the following options with yours:
Instead of vpn.ava.net.ua enter the address of your vpn server (you can use the IP of the server). Instead of sukochev insert your connection login.
I will describe some parameters:
maxfail 0- always try to connect if there is no connection;
lcp-echo-interval- the time interval after which the remote side is polled;
lcp-echo-failure- the number of unanswered requests from the remote side, after which the system considers that we have been disconnected;
defaultroute- set the default route;
+ chap- type of authentication. In addition to + chap, the type + pap.
file- read additional settings from the specified file.
You can also add the following parameters if needed:
deflate 15.15- use deflate compression (there should not be a nodeflate parameter in the options.pptp file);
mtu- the maximum size of the transmitted packet (this parameter is usually changed when the connection is often disconnected or some sites do not open);
mru- the maximum size of the received packet.
4. Editing the file / etc / ppp / chap-secrets(if the authentication type is PAP, then / etc / ppp / pap-secrets, respectively)

nano / etc / ppp / chap-secrets

We insert a line there, like:

sukochev PPTP password *

Attention!!! Replace sukochev to your username, and password to your password to connect.
5. If necessary, write to the file / etc / network / interfaces the necessary routes. For example, my routes are registered so that when the vpn connection is turned on, I can use the local local network. Here is an example of my routes (those that start with up route), they will naturally differ for you:

auto eth1
iface eth1 inet dhcp
up route add -net 10.1.0.0 netmask 255.255.0.0 gw 10.1.45.1 dev eth1
up route add -net 10.3.0.0 netmask 255.255.0.0 gw 10.1.45.1 dev eth1

Do not forget to restart network connections after changing the / etc / network / interfaces file:

/etc/init.d/networking restart

6. Now you can enable and disable VPN connection using the following commands:
Turning on

Shutdown

Automatic VPN connection at system boot

To do this, edit the file / etc / network / interfaces

nano / etc / network / interfaces

And insert the following lines at the end of the file:

auto ppp0
iface ppp0 inet ppp
provider vpn
pre-up ip link set eth1 up
up route del default
up route add default dev ppp0

Where eth1 is the interface of the network device through which the vpn connection is connected, and vpn- the name of the vpn connection that you created in the / etc / ppp / peers / folder.

If ($ answer_counter == 1):?> Endif; ?>

UPDATE... As for Sierra, macOS no longer supports PPTP vpn. This answer is not valid for macOS Sierra clients and others.

PPTP over PoPToP easy

1. apt-get install pptpd
2. edit /etc/pptpd.conf and set the remoteip parameter to a value on your network that is NOT served by your DHCP server.
3. edit / etc / ppp / chap-secrets and add username and password

for example.

Vpnuser pptpd vpnpassword *

That's all it takes to install pptp. Now test it with your OS X client.

Jay _silly_evarlast_ Wren

WARNING: PPTP IS AN INSECURE PROTOCOL! Not only has the encryption been breached, but it sends your authentication in clear text and is easily intercepted. It has been estimated that the amount of time required to brute-force the password is roughly equivalent to the time required to brute-force a single DES key. Consider using OpenVPN or another VPN architecture instead of PPTP!

Qasim

The other answers on this thread were only partial answers in my case. Here is what worked for me on Ubuntu 12.04.3

Sudo apt-get install pptpd

Add the following to /etc/pptpd.conf: (The IP address does not matter, these are only the IP addresses for your ppp0 interface.)

Localip 10.0.0.1 remoteip 10.0.0.100-200

Add DNS servers to / etc / ppp / pptpd-options

Ms-dns 8.8.8.8 ms-dns 8.8.4.4

Enable IP forwarding

sudo vim /etc/sysctl.conf

Uncomment this line

Sudo sysctl -p /etc/sysctl.conf

Modify / etc / ppp / chap-secrets add VPN user in this format:

# Secrets for authentication using CHAP # client server secret IP addresses username pptpd supersecretpassword *

Restart PPTP

Service pptpd restart

Run ifconfig and find your default interface, in my case it was br0(I changed it to allow VMs on my physical machine to share the interface. It will probably be en0)

Iptables backup

Iptables-save> ~ / iptables.save

Now make the changes to iptables use their default interface as shown by ifconfig.