Virtual Private Networking - PPTP
From NAS-Central Buffalo - The Linkstation Wiki
(Difference between revisions)
m (→FreeLink) |
m (→PPTP implementation) |
||
| (9 intermediate revisions not shown) | |||
| Line 1: | Line 1: | ||
{{Articles|Debian|FreeLink}} | {{Articles|Debian|FreeLink}} | ||
| - | {{Warning|This article is a work in progress. Please expand on the article if you know more information. My goal is to | + | {{Warning|This article is a work in progress. Please expand on the article if you know more information. My goal is to this into the [[FreeLinkomatix]] script eventually}} |
| - | + | ||
<table align=right><tr><td>http://www.poptop.org/images/linux-poptop.jpg</td></tr></table> | <table align=right><tr><td>http://www.poptop.org/images/linux-poptop.jpg</td></tr></table> | ||
=PPTP= | =PPTP= | ||
| - | The '''[[w:Point-to-Point Tunneling Protocol|Point-to-Point Tunneling Protocol]]''' (PPTP)<ref>[[w:Point-to-Point Tunneling Protocol|Wikipedia:Point-to-Point Tunneling Protocol]]</ref> is a method for implementing [[w:virtual private network|virtual private network]]s. Another method for VPN is [[OpenVPN & LZO for the PPC LinkStation|OpenVPN]]. | + | The '''[[w:Point-to-Point Tunneling Protocol|Point-to-Point Tunneling Protocol]]''' (PPTP)<ref>[[w:Point-to-Point Tunneling Protocol|Wikipedia:Point-to-Point Tunneling Protocol]]</ref> is a method for implementing [[w:virtual private network|virtual private network]]s. |
| + | |||
| + | Another method for VPN is [[OpenVPN & LZO for the PPC LinkStation|OpenVPN]]. | ||
==PPTP implementation== | ==PPTP implementation== | ||
* PPTP works by sending a regular [[w:Point-to-Point Protocol|PPP]] session to the peer with the [[w:Generic Routing Encapsulation|Generic Routing Encapsulation]] (GRE) protocol. A second session on [[w:Transport Control Protocol|TCP]] port 1723 is used to initiate and manage the GRE session. PPTP is difficult to forward past a network [[w:Firewall (networking)|firewall]] because it requires two network sessions. | * PPTP works by sending a regular [[w:Point-to-Point Protocol|PPP]] session to the peer with the [[w:Generic Routing Encapsulation|Generic Routing Encapsulation]] (GRE) protocol. A second session on [[w:Transport Control Protocol|TCP]] port 1723 is used to initiate and manage the GRE session. PPTP is difficult to forward past a network [[w:Firewall (networking)|firewall]] because it requires two network sessions. | ||
* PPTP connections are authenticated with [[w:Microsoft|Microsoft]] [[w:Challenge-handshake authentication protocol|MSCHAP-v2]] or [[w:Extensible_Authentication_Protocol|EAP-TLS]]. VPN traffic is optionally protected by [[w:MPPE|MPPE]] [[w:encryption|encryption]], which is described by RFC 3078. | * PPTP connections are authenticated with [[w:Microsoft|Microsoft]] [[w:Challenge-handshake authentication protocol|MSCHAP-v2]] or [[w:Extensible_Authentication_Protocol|EAP-TLS]]. VPN traffic is optionally protected by [[w:MPPE|MPPE]] [[w:encryption|encryption]], which is described by RFC 3078. | ||
* [[w:Challenge-handshake authentication protocol|MSCHAP-v2]] can be compromised if users choose weak passwords. The certificate-based [[w:Extensible_Authentication_Protocol|EAP-TLS]] provides a superior security option for PPTP. | * [[w:Challenge-handshake authentication protocol|MSCHAP-v2]] can be compromised if users choose weak passwords. The certificate-based [[w:Extensible_Authentication_Protocol|EAP-TLS]] provides a superior security option for PPTP. | ||
| + | * [[w:Cisco Systems|Cisco]] first implemented PPTP and later licensed the technology to [[w:Microsoft|Microsoft]]. [[w:Mac OS X|Mac OS X]] is bundled with a PPTP client. [[w:Palm (PDA)|Palm PDA]] devices with Wi-Fi are bundled with the [[w:Mergic|Mergic]] PPTP client. | ||
| + | * Microsoft [[w:Windows Mobile|Windows Mobile]] 2003 and higher also support the PPTP protocol. | ||
| - | |||
| - | |||
==PoPToP== | ==PoPToP== | ||
| - | Poptop<ref>http://poptop.sourceforge.net/</ref>, is a PPTP Server for [[w:Linux|Linux]] ports also exist for Solaris 2.6, OpenBSD, FreeBSD and others | + | Poptop<ref>http://poptop.sourceforge.net/</ref>, is a PPTP Server for [[w:Linux|Linux]], ports also exist for Solaris 2.6, OpenBSD, FreeBSD and others, it features: |
| - | + | ||
| - | Microsoft compatible authentication and encryption (MSCHAPv2, MPPE 40 - 128 bit RC4 encryption) | + | * Microsoft compatible authentication and encryption (MSCHAPv2, MPPE 40 - 128 bit RC4 encryption) |
* Support for multiple client connections | * Support for multiple client connections | ||
| - | * Seamless integration into a Microsoft network environment (LDAP, SAMBA) using RADIUS plugin | + | * Seamless integration into a Microsoft network environment ([[w:LDAP|LDAP]], [[Samba|SAMBA]]) using [[w:RADIUS|RADIUS]] plugin |
| - | * Works with Windows 95/98/ | + | * Works with Windows [[w:Windows 95|95]]/[[w:Windows 98|98]]/[[w:Windows ME|ME]]/[[w:Windows NT|NT]]/[[w:Windows 2000|2000]]/[[w:Windows XP|XP]] PPTP clients |
| - | * Works with Linux PPTP client | + | * Works with [[w:Linux|Linux]] PPTP client |
| - | * Poptop is, | + | * Poptop is free software, licensed under the terms of the [[w:GNU General Public License|GNU General Public License (GPL)]] |
| + | |||
=Installation= | =Installation= | ||
==FreeLink== | ==FreeLink== | ||
Requirements: | Requirements: | ||
| - | * [[ | + | * [[Upgrade to the 2.6-kernel (ppc only)]] |
* [[Webmin to remotely administer your LinkStation ]] | * [[Webmin to remotely administer your LinkStation ]] | ||
| - | Use [[w:apt-get|apt-get]] to install | + | Use [[w:apt-get|apt-get]] to install Poptop: |
apt-get install pptpd webmin-pptp-server | apt-get install pptpd webmin-pptp-server | ||
| - | Then use the PPTP server configuration module for webmin to configure | + | Then use the PPTP server configuration module for webmin to configure Poptop or you could configure it manually<ref>[http://poptop.sourceforge.net/dox/debian-howto.phtml Debian pptpd HOWTO]</ref><ref>http://poptop.sourceforge.net/dox/</ref> |
=References= | =References= | ||
<references/> | <references/> | ||
{{stubs}} | {{stubs}} | ||
Latest revision as of 18:14, 27 October 2006
|
 |
Contents |
PPTP
The Point-to-Point Tunneling Protocol (PPTP)[1] is a method for implementing virtual private networks.
Another method for VPN is OpenVPN.
PPTP implementation
- PPTP works by sending a regular PPP session to the peer with the Generic Routing Encapsulation (GRE) protocol. A second session on TCP port 1723 is used to initiate and manage the GRE session. PPTP is difficult to forward past a network firewall because it requires two network sessions.
- PPTP connections are authenticated with Microsoft MSCHAP-v2 or EAP-TLS. VPN traffic is optionally protected by MPPE encryption, which is described by RFC 3078.
- MSCHAP-v2 can be compromised if users choose weak passwords. The certificate-based EAP-TLS provides a superior security option for PPTP.
- Cisco first implemented PPTP and later licensed the technology to Microsoft. Mac OS X is bundled with a PPTP client. Palm PDA devices with Wi-Fi are bundled with the Mergic PPTP client.
- Microsoft Windows Mobile 2003 and higher also support the PPTP protocol.
PoPToP
Poptop[2], is a PPTP Server for Linux, ports also exist for Solaris 2.6, OpenBSD, FreeBSD and others, it features:
- Microsoft compatible authentication and encryption (MSCHAPv2, MPPE 40 - 128 bit RC4 encryption)
- Support for multiple client connections
- Seamless integration into a Microsoft network environment (LDAP, SAMBA) using RADIUS plugin
- Works with Windows 95/98/ME/NT/2000/XP PPTP clients
- Works with Linux PPTP client
- Poptop is free software, licensed under the terms of the GNU General Public License (GPL)
Installation
FreeLink
Requirements:
Use apt-get to install Poptop:
apt-get install pptpd webmin-pptp-server
Then use the PPTP server configuration module for webmin to configure Poptop or you could configure it manually[3][4]
References
- ↑ Wikipedia:Point-to-Point Tunneling Protocol
- ↑ http://poptop.sourceforge.net/
- ↑ Debian pptpd HOWTO
- ↑ http://poptop.sourceforge.net/dox/
| This article is currently a stub. You can help this Wiki by expanding it . This template will categorize articles that include it into Category:Stubs. |
