Help setting up VPN client

General discussion about Gargoyle, OpenWrt or anything else even remotely related to the project

Moderator: Moderators

Post Reply
Gideon7
Posts: 2
Joined: Sun Jul 15, 2012 4:40 pm

Re: Help setting up VPN client

Post by Gideon7 »

Oh yeah, be sure to install the correct packages. The package list is only semi-documented. I mistakenly installed an old xtables package and it silently killed by VPN stone dead.. it tossed all GRE packets into the bit-bucket (see below). I ended up nuking the whole unit and started over :cry: .

Code: Select all

** Download and install the required packages (do after upgrading firmware)

To view the list of installed packages:
   cd /tmp
   opkg update
   opkg list-installed > foo   # list installed packages
   opkg list > foo  # list available downloadable packages
   opkg list-upgradable > foo  # list downloadable packages for upgrading
   opkg list-changed-conffiles  # list config files we modified locally
   less foo

To download and install a package (example):
   opkg update
   opkg install iptables-mod-conntrack-extra 

Required packages for Microsoft-compatible client PPP/PPTP:

   iptables-utils
      Not required, but crucial for troubleshooting iptables.
      Run 'iptables-save > foo' to show the active iptables command lines.

   pptp
      Required for PPTP client

   kmod-mppe
      Required for PPTP using Microsoft MPPE encryption

   ip
      For ip command (troubleshooting)
         ip addr show dev pptp-vpn
         ip addr show dev pptp-vpn
         ip route

   iptables-mod-conntrack-extra
      For CONNMARK, connbytes, conntrack, helper
      For -m recent
      Also installs kmod-ipt-conntrack-extra

   iptables-mod-nat-extra
      For -j REDIRECT, -j NETMAP, -j MIRROR
      Also installs kmod-ipt-nat-extra

#ifdef UNDEFINED // Not used, do not install
   iptables-mod-extra
      For iptables -m pkttype, -m quota, -m owner
      Also installs kmod-ipt-extra
#endif

   kmod-crypto-sha1
      Implied by package kmod-mppe

   kmod-gre
      Implied by package pptp

   kmod-ipt-conntrack-extra
      Implied by iptables-mod-conntrack-extra
      For CONNMARK, connbytes, conntrack, helper
      For -m recent

   kmod-ipt-nat-extra
      Implied by iptables-mod-nat-extra
      For -j REDIRECT, -j NETMAP, -j MIRROR

#ifdef UNDEFINED // No!  Old Netfilter (IPv4), conflicts with newer kmod-ipt-xxx
   kmod-ipt-filter  Old xtables
      Also installs kmod-textsearch
      "Netfilter (IPv4) kernel modules for packet content inspection"
#endif
      
#ifdef UNDEFINED // No!  Old Netfilter (IPv4), conflicts with newer kmod-ipt-xxx
   kmod-ipt-nathelper-extra  Old xtables
      Also installs kmod-textsearch
      "Extra Netfilter (IPv4) Conntrack and NAT helpers"
#endif

   resolveip
      Implied by package pptp

** REBOOT **
Top
stanelie
Posts: 14
Joined: Sun Dec 04, 2011 6:59 pm

Re: Help setting up VPN client

Post by stanelie »

Hello Gideon7.

Thanks to your great write-up, I now have a working router that acts as a VPN gateway for a company voip phone.

The /etc/ppp/ip-up.d/ip-up.sh script is missing a V at the very end. :)

As the VPN gateway (GW in your script) on the remote lan changes from time time for me, I would like to improve the /etc/ppp/ip-up.d/ip-up.sh script and replace the hard-coded gateway value with the result of this :

Code: Select all

ifconfig pptp-vpn | grep "inet addr" | cut -d \  -f 14 | sed 's/P-t-P://'
How can this be done?

Thanks!
Top
stanelie
Posts: 14
Joined: Sun Dec 04, 2011 6:59 pm

Re: Help setting up VPN client

Post by stanelie »

Okay,

Figured it out myself :
in if-up.sh, replace the GW= line with

Code: Select all

GW=$(ifconfig pptp-vpn | grep "inet addr" | cut -d \  -f 14 | sed 's/P-t-P://')
Top
domnica
Posts: 1
Joined: Sat Sep 07, 2013 9:55 am

Re: Help setting up VPN client

Post by domnica »

Please confirm how to find this free vpn is 256bit encryption thanks http://www.thefreevpn.net/free-vpn-service/
Top
Post Reply

Return to “General Discussion”