HOWTO: PPtP VPN

kraney wrote:

Finally, you'll need to build the PPP kernel modules. This howto assumes you'll be building the kernel modules directly on the NAS device. You can also cross-compile on a different box, but I'll leave that explanation to other guides. Download the Linux kernel posted at http://www.readynas.com/gpl run apt-get install libncurses5-dev (needed to run menuconfig when setting up the kernel) cd to the linux kernel directory, and run cp arch/padre/defconfig .config There is a hardcoded cross-compile setup in the kernel build, which needs to be fixed. Edit arch/padre/Makefile, and replace the line that starts with "CROSS_COMPILE" with one like this CROSS_COMPILE ?= run make menuconfig Navigate to the "Network Device Support -> PPP (point-to-point protocol support)" page enable "PPP" by pressing "M" to mark it as a module also enable MPPE compression and async serial support. enable ppp filtering by pressing the space bar (it isn't a module, so 'M' doesn't work.) save the configuration and run make modules cp drivers/net/{ppp_async,ppp_mppe,ppp_generic,slhc}.ko /lib/modules/2.6.17.8ReadyNAS/kernel/drivers/net/ mkdir /lib/modules/2.6.17.8ReadyNAS/kernel/crypto cp crypto/{sha1,arc4}.ko /lib/modules/2.6.17.8ReadyNAS/kernel/crypto/ depmod -a At this point, you should be able to connect from your VPN client, using the username and password you added to /etc/ppp/chap-secrets. The kernel will automatically load the new modules when they're needed. If you run into trouble, check /var/log/syslog on the ReadyNAS for error messages.

You lost me there on Step 3. Where is arch/padre/Makefile?

Any chance of getting the ppp.o binary from someone who has it already?

You lost me there on Step 3. Where is arch/padre/Makefile?

It's a subdirectory inside the linux kernel source. It's the linux-2.6.17 directory within the source distribution.

sesam wrote:
Any chance of getting the ppp.o binary from someone who has it already?

There is no ppp.o binary. There are a total of 6 kernel modules that are built. In drivers/net, there are:

• ppp_async.ko


• ppp_mppe.ko


• ppp_generic.ko


• slhc.ko

and in drivers/crypto, there are:

• sha1.ko


• arc4.ko

I could potentially upload them here, but I don't see any way to add attachments. I don't want to get in the business of mailing out files one user at a time.

No attachments here, no. I can take the emailing of files to people, if you send them to me. I'm simon.bohlin and I'm a user of gmail.

(Actually I've just contacted readynasfreeware.org admin (user "Who Cares?" on this forum) to try to get the files there, but I guess that'll take a while before anything happens.)

Ok, I've got the files that should go in /lib/modules/2.6.17.8ReadyNAS/kernel/ in folder drivers/net and crypto.

I've done installation (apt-get install pptpd) and edited files /etc/pptpd.conf /etc/ppp/chat-secrets

Doing modprobe ppp gives error: can't find module ppp
I'm temporarily solving this with (below is typed from memory, exact ordering or correct spelling is not guaranteed):
cd /lib/modules/2.6.17.8ReadyNAS/kernel/crypto && insmod sha1.ko && insmod arc4.ko
cd /lib/modules/2.6.17.8ReadyNAS/kernel/drivers/net && insmod slhc.ko && insmod ppp_generic.ko && insmod ppp_mppe.ko && insmod ppp_async.ko

Aftet that a test connection WORKS! I did a connection from a win XP computer running outside the firewall and using a different ip net (otherwise XP complains of loopback).
Though by unchecking use default gateway in IPv4 advanced settings on the XP box, the tunneling stops as well.
Next step now is to figure out how to get XP and pptp to tunnel only the stuff I want tunneled.

So basically working, but not done yet.
And if anyone needs the ppp*.ko files etc, look here (attachments, near the bottom): http://sites.google.com/site/chromiumdev/pptp

sesam wrote:
Doing modprobe ppp gives error: can't find module ppp I'm temporarily solving this with (below is typed from memory, exact ordering or correct spelling is not guaranteed): cd /lib/modules/2.6.17.8ReadyNAS/kernel/crypto && insmod sha1.ko && insmod arc4.ko cd /lib/modules/2.6.17.8ReadyNAS/kernel/drivers/net && insmod slhc.ko && insmod ppp_generic.ko && insmod ppp_mppe.ko && insmod ppp_async.ko

There's no module named literally ppp. I believe the correct way to force load the modules would be with

modprobe -v ppp_generic

although I didn't find that to be necessary at all. The modules just load automatically when you try to connect via pptp.

If you're finding it necessary to use insmod directly, my guess is maybe you forgot to run

depmod -a

Before commenting on the ppp module compilation above, please indicate which firmware revision and processor (Sparc or x86) you are using.

I can't figure out how to compile the ppp module. I realize that we have to download the kernel from Netgear's GPL page, but it has to be the one specific to our model and firmware revision. This is a lot of trouble. And it appears that the x86 version 4.2.9 (latest stable) is corrupted. (unable to extract fully on my ReadyNAS or Windows machines) Are there any other solutions?

When I type "apt-get install ppp", it says it is already installed. But when I try to connect via pptp, this appears in my syslog:

May  4 23:22:50 BigBoy pppd[3357]: This system lacks kernel support for PPP.  This could be because the PPP kernel module could not be loaded, or because PPP was not included in the kernel configuration.  If PPP was included as a module, try `/sbin/modprobe -v ppp'.  If that fails, check that ppp.o exists in /lib/modules/`uname -r`/net. See README.linux file in the ppp distribution for more details.
May  4 23:22:50 BigBoy pptpd[3355]: GRE: read(fd=6,buffer=8058640,len=8196) from PTY failed: status = -1 error = Input/output error, usually caused by unexpected termination of pppd, check option syntax and pppd logs
May  4 23:22:50 BigBoy pptpd[3355]: CTRL: PTY read or GRE write failed (pty,gre)=(6,7)
May  4 23:22:50 BigBoy pptpd[3355]: CTRL: Reaping child PPP[3357]

An earlier post provides a link to a place where you can download precompiled kernel modules. These were compiled from 2.6.17.8, for a ReadyNAS duo.

And if anyone needs the ppp*.ko files etc, look here (attachments, near the bottom): http://sites.google.com/site/chromiumdev/pptp

I'm sympathetic, you're right it's a lot of trouble to download and compile the kernel. I'd like to create a prepackaged add-on, but haven't had time to learn how yet.

Edit 9/9/2012: Updated so all the instructions are up-to-date and in one place.

Be sure to download the GPL code and extract it onto your /c/ filesystem. There's not enough space to extract everything into the root filesystem, and its a good way to kill your ReadyNAS.

mkdir /c/devel
cd /c/devel
wget http://.......
mkdir (downloaded filename without zip)
unzip (downloaded file) -d (dir you just created)

after downloading the firmware run these command:

apt-get update
apt-get install build-essential
apt-get install lzma
apt-get install libncurses5-dev
apt-get install nano    <- because I'm no good with vi to edit files.

then pre-compile the current kernel

cd (unzip dir)/kernel/(kernel version)
cp defconfig.smp linux-(kernel version)/.config     <--For x86_64 systems only!
cp defconfig.up linux-(kernel version)/.config     <--For all others?
cd linux-(kernel version)
make clean

Then this is where you run the 'make menuconfig' command. (Note that you do not need to fix the "Cross Compile" configuration or copy any config files when doing this on an x86-based ReadyNAS.) The PPP options will be under Device Drivers -> Network Device Support -> PPP Support. Be sure to select

Device Drivers
  Network device support
    <M> PPP Support
      [*] PPP Filtering
      <M> PPP Support for async serial ports
      <M> PPP Support for tty ports
      <M> PPP Deflate compression
      <M> PPP BSD-Compress compression
      <M> PPP MPPE compression
      <M> PPP over Ethernet
Cryptographic API
  <M> Deflate compression algorithm       <- It's at the very bottom
  <M> Zlib compression algorithm
  <M> LZO compression algorithm

Press 'esc, esc' a few times to exit out until it prompts you to save. (yes) Then:

make modules
make modules_install

That should install the modules. If it doesn't, then you can install them manually:

cp drivers/net/*.ko /lib/modules/(kernel folder x86_64)/kernel/drivers/net/
depmod -a     <- no output indicates a success
modprobe ppp_generic     <- no output means everything worked!

Now follow the instructions, as above, to install the PPP service: viewtopic.php?f=35&t=33132&p=232929#p182215
Once you've done all that and used to start it up, if it still isn't working or doesn't work as expected, here're some extra commands to figure out exactly what might be going wrong.

tail -n30 /var/log/syslog
dmesg

If you see a problem in the logfile "unable to open /dev/ppp", then this command will help you:

mknod /dev/ppp c 108 0

If, every time after rebooting, you still have a problem with the /dev/ppp not existing, then you can add this to your /etc/init.d/pptpd file:

case "$1" in
  start)
    echo -n "Starting PPTP Daemon: "
    if [ ! -c /dev/ppp ]; then mknod /dev/ppp c 108 0; fi
    start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON \
        -- < /dev/null > /dev/null
    echo "pptpd."
    ;;

And once you get a user CONNECTED to the VPN, here's a WONDERFUL troubleshooting guide to getting traffic flowing correctly over your new VPN: http://poptop.sourceforge.net/dox/diagn ... ding.phtml
As I sit here, my iPhone is able to browse everything on my local ReadyNAS via the cellular connection.