Difference between revisions of "Virtual Private Networking - PPTP"

From NAS-Central Buffalo - The Linkstation Wiki
Jump to: navigation, search
m (PoPToP)
m (PPTP implementation)
 
(5 intermediate revisions by 2 users not shown)
Line 1: Line 1:
 
{{Articles|Debian|FreeLink}}
 
{{Articles|Debian|FreeLink}}
{{Warning|This article is a work in progress.  Please expand on the article if you know more information.  My goal is to work
+
{{Warning|This article is a work in progress.  Please expand on the article if you know more information.  My goal is to this into the [[FreeLinkomatix]] script eventually}}
these two options into the [[FreeLinkomatix]] script eventually}}
+
 
<table align=right><tr><td>http://www.poptop.org/images/linux-poptop.jpg</td></tr></table>
 
<table align=right><tr><td>http://www.poptop.org/images/linux-poptop.jpg</td></tr></table>
 
=PPTP=
 
=PPTP=
The '''[[w:Point-to-Point Tunneling Protocol|Point-to-Point Tunneling Protocol]]''' (PPTP)<ref>[[w:Point-to-Point Tunneling Protocol|Wikipedia:Point-to-Point Tunneling Protocol]]</ref> is a method for implementing [[w:virtual private network|virtual private network]]s.  Another method for VPN is [[OpenVPN & LZO for the PPC LinkStation|OpenVPN]].
+
The '''[[w:Point-to-Point Tunneling Protocol|Point-to-Point Tunneling Protocol]]''' (PPTP)<ref>[[w:Point-to-Point Tunneling Protocol|Wikipedia:Point-to-Point Tunneling Protocol]]</ref> is a method for implementing [[w:virtual private network|virtual private network]]s.   
 +
 
 +
Another method for VPN is [[OpenVPN & LZO for the PPC LinkStation|OpenVPN]].
 
==PPTP implementation==
 
==PPTP implementation==
 
* PPTP works by sending a regular [[w:Point-to-Point Protocol|PPP]] session to the peer with the [[w:Generic Routing Encapsulation|Generic Routing Encapsulation]] (GRE) protocol.  A second session on [[w:Transport Control Protocol|TCP]] port 1723 is used to initiate and manage the GRE session.  PPTP is difficult to forward past a network [[w:Firewall (networking)|firewall]] because it requires two network sessions.
 
* PPTP works by sending a regular [[w:Point-to-Point Protocol|PPP]] session to the peer with the [[w:Generic Routing Encapsulation|Generic Routing Encapsulation]] (GRE) protocol.  A second session on [[w:Transport Control Protocol|TCP]] port 1723 is used to initiate and manage the GRE session.  PPTP is difficult to forward past a network [[w:Firewall (networking)|firewall]] because it requires two network sessions.
 
* PPTP connections are authenticated with [[w:Microsoft|Microsoft]] [[w:Challenge-handshake authentication protocol|MSCHAP-v2]] or [[w:Extensible_Authentication_Protocol|EAP-TLS]]. VPN traffic is optionally protected by [[w:MPPE|MPPE]] [[w:encryption|encryption]], which is described by RFC 3078.
 
* PPTP connections are authenticated with [[w:Microsoft|Microsoft]] [[w:Challenge-handshake authentication protocol|MSCHAP-v2]] or [[w:Extensible_Authentication_Protocol|EAP-TLS]]. VPN traffic is optionally protected by [[w:MPPE|MPPE]] [[w:encryption|encryption]], which is described by RFC 3078.
 
* [[w:Challenge-handshake authentication protocol|MSCHAP-v2]] can be compromised if users choose weak passwords. The certificate-based [[w:Extensible_Authentication_Protocol|EAP-TLS]] provides a superior security option for PPTP.
 
* [[w:Challenge-handshake authentication protocol|MSCHAP-v2]] can be compromised if users choose weak passwords. The certificate-based [[w:Extensible_Authentication_Protocol|EAP-TLS]] provides a superior security option for PPTP.
 +
* [[w:Cisco Systems|Cisco]] first implemented PPTP and later licensed the technology to [[w:Microsoft|Microsoft]]. [[w:Mac OS X|Mac OS X]] is bundled with a PPTP client.  [[w:Palm (PDA)|Palm PDA]] devices with Wi-Fi are bundled with the [[w:Mergic|Mergic]] PPTP client.
 +
* Microsoft [[w:Windows Mobile|Windows Mobile]] 2003 and higher also support the PPTP protocol.
  
[[w:Cisco Systems|Cisco]] first implemented PPTP and later licensed the technology to [[w:Microsoft|Microsoft]]. [[w:Mac OS X|Mac OS X]] is bundled with a PPTP client.  [[w:Palm (PDA)|Palm PDA]] devices with Wi-Fi are bundled with the [[w:Mergic|Mergic]] PPTP client.
 
Microsoft [[w:Windows Mobile|Windows Mobile]] 2003 and higher also support the PPTP protocol.
 
 
==PoPToP==
 
==PoPToP==
 
Poptop<ref>http://poptop.sourceforge.net/</ref>, is a PPTP Server for [[w:Linux|Linux]], ports also exist for Solaris 2.6, OpenBSD, FreeBSD and others, it features:
 
Poptop<ref>http://poptop.sourceforge.net/</ref>, is a PPTP Server for [[w:Linux|Linux]], ports also exist for Solaris 2.6, OpenBSD, FreeBSD and others, it features:
Line 17: Line 18:
 
* Microsoft compatible authentication and encryption (MSCHAPv2, MPPE 40 - 128 bit RC4 encryption)
 
* Microsoft compatible authentication and encryption (MSCHAPv2, MPPE 40 - 128 bit RC4 encryption)
 
* Support for multiple client connections
 
* Support for multiple client connections
* Seamless integration into a Microsoft network environment (LDAP, SAMBA) using [[w:RADIUS|RADIUS]] plugin
+
* Seamless integration into a Microsoft network environment ([[w:LDAP|LDAP]], [[Samba|SAMBA]]) using [[w:RADIUS|RADIUS]] plugin
 
* Works with Windows [[w:Windows 95|95]]/[[w:Windows 98|98]]/[[w:Windows ME|ME]]/[[w:Windows NT|NT]]/[[w:Windows 2000|2000]]/[[w:Windows XP|XP]] PPTP clients
 
* Works with Windows [[w:Windows 95|95]]/[[w:Windows 98|98]]/[[w:Windows ME|ME]]/[[w:Windows NT|NT]]/[[w:Windows 2000|2000]]/[[w:Windows XP|XP]] PPTP clients
 
* Works with [[w:Linux|Linux]] PPTP client
 
* Works with [[w:Linux|Linux]] PPTP client
Line 25: Line 26:
 
==FreeLink==
 
==FreeLink==
 
Requirements:
 
Requirements:
* [[:Category:Kernel|Upgrade to Kernel 2.6 PPC Only]]
+
* [[Upgrade to the 2.6-kernel (ppc only)]]
 
* [[Webmin to remotely administer your LinkStation ]]
 
* [[Webmin to remotely administer your LinkStation ]]
  

Latest revision as of 18:14, 27 October 2006

Nuvola apps important.png 
WARNING!

This article is a work in progress. Please expand on the article if you know more information. My goal is to this into the FreeLinkomatix script eventually


linux-poptop.jpg

Contents

PPTP

The Point-to-Point Tunneling Protocol (PPTP)[1] is a method for implementing virtual private networks.

Another method for VPN is OpenVPN.

PPTP implementation

  • PPTP works by sending a regular PPP session to the peer with the Generic Routing Encapsulation (GRE) protocol. A second session on TCP port 1723 is used to initiate and manage the GRE session. PPTP is difficult to forward past a network firewall because it requires two network sessions.
  • PPTP connections are authenticated with Microsoft MSCHAP-v2 or EAP-TLS. VPN traffic is optionally protected by MPPE encryption, which is described by RFC 3078.
  • MSCHAP-v2 can be compromised if users choose weak passwords. The certificate-based EAP-TLS provides a superior security option for PPTP.
  • Cisco first implemented PPTP and later licensed the technology to Microsoft. Mac OS X is bundled with a PPTP client. Palm PDA devices with Wi-Fi are bundled with the Mergic PPTP client.
  • Microsoft Windows Mobile 2003 and higher also support the PPTP protocol.

PoPToP

Poptop[2], is a PPTP Server for Linux, ports also exist for Solaris 2.6, OpenBSD, FreeBSD and others, it features:

  • Microsoft compatible authentication and encryption (MSCHAPv2, MPPE 40 - 128 bit RC4 encryption)
  • Support for multiple client connections
  • Seamless integration into a Microsoft network environment (LDAP, SAMBA) using RADIUS plugin
  • Works with Windows 95/98/ME/NT/2000/XP PPTP clients
  • Works with Linux PPTP client
  • Poptop is free software, licensed under the terms of the GNU General Public License (GPL)

Installation

FreeLink

Requirements:

Use apt-get to install Poptop:

apt-get install pptpd webmin-pptp-server 

Then use the PPTP server configuration module for webmin to configure Poptop or you could configure it manually[3][4]

References

  1. Wikipedia:Point-to-Point Tunneling Protocol
  2. http://poptop.sourceforge.net/
  3. Debian pptpd HOWTO
  4. http://poptop.sourceforge.net/dox/
Link.png This article is currently a stub. You can help this Wiki by expanding it

. This template will categorize articles that include it into Category:Stubs.