NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

kraney's avatar
kraney
Aspirant
Sep 11, 2009

HOWTO: PPtP VPN

This howto will list the steps necessary to set up a pptp server on a ReadyNAS Duo. PPtP makes a nice choice, because OSX natively supports connecting to PPtP VPNs. I think windows does also, but don't have personal experience with it.

This howto guide was developed against RAIDiator 4.1.6. It may work with older versions, possibly with minor modifications.

First, set up a dev environment using the instructions at http://www.readynas.com/?p=145

Next, you'll need to install and set up the necessary software

  1. In FrontView, create a new group named "dip" (this is needed by the ppp package that pptpd relies on.)

  2. execute
    apt-get install pptpd

  3. edit /etc/pptpd.conf, and set up definitions for localip and remoteip. These will need to have appropriate values for your network. There are examples in the default config file. You basically want to pick IP addresses that are within your subnet, but not used by DHCP or by computers in your network. If your local net is 192.168.0.0, you might choose something like
    localip 192.168.0.2
    remoteip 192.168.0.3-50

  4. optionally, turn on bcrelay in pptpd.conf

  5. edit /etc/ppp/chap-secrets, and add a username and password for a VPN user

  6. edit /etc/sysctl.conf and add
    net.ipv4.ip_forward 1

    This will tell the ReadyNAS to route your VPN client's traffic out to the rest of your network. This change will take effect on your next boot. You can go ahead and turn on routing without needing to reboot by running
    echo 1 >> /proc/sys/net/ipv4/ip_forward


  7. Finally, you'll need to build the PPP kernel modules. This howto assumes you'll be building the kernel modules directly on the NAS device. You can also cross-compile on a different box, but I'll leave that explanation to other guides.

    1. Download the Linux kernel posted at http://www.readynas.com/gpl

    2. run
      apt-get install libncurses5-dev
      (needed to run menuconfig when setting up the kernel)

    3. cd to the linux kernel directory, and run
      cp arch/padre/defconfig .config

    4. There is a hardcoded cross-compile setup in the kernel build, which needs to be fixed. Edit arch/padre/Makefile, and replace the line that starts with "CROSS_COMPILE" with one like this
      CROSS_COMPILE ?=

    5. run
      make menuconfig

    6. Navigate to the "Network Device Support -> PPP (point-to-point protocol support)" page

    7. enable "PPP" by pressing "M" to mark it as a module

    8. also enable MPPE compression and async serial support.

    9. enable ppp filtering by pressing the space bar (it isn't a module, so 'M' doesn't work.)

    10. save the configuration and run
      make modules
      cp drivers/net/{ppp_async,ppp_mppe,ppp_generic,slhc}.ko /lib/modules/2.6.17.8ReadyNAS/kernel/drivers/net/
      mkdir /lib/modules/2.6.17.8ReadyNAS/kernel/crypto
      cp crypto/{sha1,arc4}.ko /lib/modules/2.6.17.8ReadyNAS/kernel/crypto/
      depmod -a


    11. At this point, you should be able to connect from your VPN client, using the username and password you added to /etc/ppp/chap-secrets. The kernel will automatically load the new modules when they're needed.

      If you run into trouble, check /var/log/syslog on the ReadyNAS for error messages.

60 Replies

Replies have been turned off for this discussion

NETGEAR Academy

Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology! 

Join Us!

ProSupport for Business

Comprehensive support plans for maximum network uptime and business peace of mind.

 

Learn More