NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
HOWTO: PPtP VPN
This howto will list the steps necessary to set up a pptp server on a ReadyNAS Duo. PPtP makes a nice choice, because OSX natively supports connecting to PPtP VPNs. I think windows does also, but don't have personal experience with it.
This howto guide was developed against RAIDiator 4.1.6. It may work with older versions, possibly with minor modifications.
First, set up a dev environment using the instructions at http://www.readynas.com/?p=145
Next, you'll need to install and set up the necessary software
This howto guide was developed against RAIDiator 4.1.6. It may work with older versions, possibly with minor modifications.
First, set up a dev environment using the instructions at http://www.readynas.com/?p=145
Next, you'll need to install and set up the necessary software
- In FrontView, create a new group named "dip" (this is needed by the ppp package that pptpd relies on.)
- execute
apt-get install pptpd
- edit /etc/pptpd.conf, and set up definitions for localip and remoteip. These will need to have appropriate values for your network. There are examples in the default config file. You basically want to pick IP addresses that are within your subnet, but not used by DHCP or by computers in your network. If your local net is 192.168.0.0, you might choose something like
localip 192.168.0.2
remoteip 192.168.0.3-50 - optionally, turn on bcrelay in pptpd.conf
- edit /etc/ppp/chap-secrets, and add a username and password for a VPN user
- edit /etc/sysctl.conf and add
net.ipv4.ip_forward 1
This will tell the ReadyNAS to route your VPN client's traffic out to the rest of your network. This change will take effect on your next boot. You can go ahead and turn on routing without needing to reboot by runningecho 1 >> /proc/sys/net/ipv4/ip_forward
- Download the Linux kernel posted at http://www.readynas.com/gpl
- run
apt-get install libncurses5-dev
(needed to run menuconfig when setting up the kernel) - cd to the linux kernel directory, and run
cp arch/padre/defconfig .config
- There is a hardcoded cross-compile setup in the kernel build, which needs to be fixed. Edit arch/padre/Makefile, and replace the line that starts with "CROSS_COMPILE" with one like this
CROSS_COMPILE ?=
- run
make menuconfig
- Navigate to the "Network Device Support -> PPP (point-to-point protocol support)" page
- enable "PPP" by pressing "M" to mark it as a module
- also enable MPPE compression and async serial support.
- enable ppp filtering by pressing the space bar (it isn't a module, so 'M' doesn't work.)
- save the configuration and run
make modules
cp drivers/net/{ppp_async,ppp_mppe,ppp_generic,slhc}.ko /lib/modules/2.6.17.8ReadyNAS/kernel/drivers/net/
mkdir /lib/modules/2.6.17.8ReadyNAS/kernel/crypto
cp crypto/{sha1,arc4}.ko /lib/modules/2.6.17.8ReadyNAS/kernel/crypto/
depmod -a
Finally, you'll need to build the PPP kernel modules. This howto assumes you'll be building the kernel modules directly on the NAS device. You can also cross-compile on a different box, but I'll leave that explanation to other guides.
At this point, you should be able to connect from your VPN client, using the username and password you added to /etc/ppp/chap-secrets. The kernel will automatically load the new modules when they're needed.
If you run into trouble, check /var/log/syslog on the ReadyNAS for error messages.
60 Replies
Replies have been turned off for this discussion
- I do this on my iphone and ipad. Just check the box "send all traffic". Works great. No ports need to be forwarded. A PpTP connection works as an additional network connection. It's not like OpenSSL or SSH that needs ports mapped/forwarded.
efalsken wrote: ...Just check the box "send all traffic". Works great. No ports need to be forwarded. A PpTP connection works as an additional network connection. It's not like OpenSSL or SSH that needs ports mapped/forwarded.
Where can i check this box "send all traffic"?
greetings- "send all traffic" is on the iphone/ipad, when configuring the VPN server. (Settings, General, Network, VPN)
On Windows, it's called "Use default gateway" and is in the network, TCP/IP settings. efalsken wrote:
On Windows, it's called "Use default gateway" and is in the network, TCP/IP settings.
Hi, thanks for your reply. I unchecked "Use default gateway" in the TCP/IP settings, because i will lose the internet connection when I'm connected to the vpn.
Have i to add a route on the nas that i can use the internet when im using the vpn connection?
greetings- On the NAS, when setting up the VPN, you will need to enable bcrelay. See the first few postings for how to enable bcrelay. I found it myself by just looking through a few of the config files mentioned here too.
- See below. I'm trying this on a Duo with 4.1.8-T5 beta firmware. " Package ppp is not configured yet." is the error. Suggestions please.
Thanks.
london:~# apt-get update
Get:1 http://www.readynas.com readynas/ Packages [19.9kB]
Ign http://www.readynas.com readynas/ Release
Get:2 http://archive.debian.org sarge/main Packages [4405kB]
Get:3 http://archive.debian.org sarge/main Release [99B]
Get:4 http://archive.debian.org sarge/contrib Packages [62.7kB]
Get:5 http://archive.debian.org sarge/contrib Release [102B]
Get:6 http://archive.debian.org sarge/non-free Packages [53.2kB]
Get:7 http://archive.debian.org sarge/non-free Release [103B]
Get:8 http://archive.debian.org sarge/main Sources [1323kB]
Get:9 http://archive.debian.org sarge/main Release [100B]
Get:10 http://archive.debian.org sarge/contrib Sources [24.7kB]
Get:11 http://archive.debian.org sarge/contrib Release [103B]
Get:12 http://archive.debian.org sarge/non-free Sources [23.5kB]
Get:13 http://archive.debian.org sarge/non-free Release [104B]
Fetched 5912kB in 40s (147kB/s)
Reading Package Lists... Done
london:~# apt-get install pptp
Reading Package Lists... Done
Building Dependency Tree... Done
E: Couldn't find package pptp
london:~# apt-get install pptpd
Reading Package Lists... Done
Building Dependency Tree... Done
The following extra packages will be installed:
libpcap0.7 ppp
Suggested packages:
libatm1
The following NEW packages will be installed:
libpcap0.7 ppp pptpd
0 upgraded, 3 newly installed, 0 to remove and 71 not upgraded.
Need to get 460kB of archives.
After unpacking 1528kB of additional disk space will be used.
Do you want to continue? [Y/n] y
Get:1 http://archive.debian.org sarge/main libpcap0.7 0.7.2-7 [70.7kB]
Get:2 http://archive.debian.org sarge/main ppp 2.4.3-20050321+2sarge1 [330kB]
Get:3 http://archive.debian.org sarge/main pptpd 1.2.1-4 [59.3kB]
Fetched 460kB in 5s (82.6kB/s)
Selecting previously deselected package libpcap0.7.
(Reading database ... 12668 files and directories currently installed.)
Unpacking libpcap0.7 (from .../libpcap0.7_0.7.2-7_sparc.deb) ...
Selecting previously deselected package ppp.
Unpacking ppp (from .../ppp_2.4.3-20050321+2sarge1_sparc.deb) ...
Selecting previously deselected package pptpd.
Unpacking pptpd (from .../pptpd_1.2.1-4_sparc.deb) ...
Setting up libpcap0.7 (0.7.2-7) ...
Setting up ppp (2.4.3-20050321+2sarge1) ...
install: invalid group `dip'
dpkg: error processing ppp (--configure):
subprocess post-installation script returned error exit status 1
dpkg: dependency problems prevent configuration of pptpd:
pptpd depends on ppp (>= 2.4.3-20041231); however:
Package ppp is not configured yet.
dpkg: error processing pptpd (--configure):
dependency problems - leaving unconfigured
Errors were encountered while processing:
ppp
pptpd
E: Sub-process /usr/bin/dpkg returned an error code (1)
london:~# apt-get install ppp
Reading Package Lists... Done
Building Dependency Tree... Done
ppp is already the newest version.
0 upgraded, 0 newly installed, 0 to remove and 71 not upgraded.
2 not fully installed or removed.
Need to get 0B of archives.
After unpacking 0B of additional disk space will be used.
Setting up ppp (2.4.3-20050321+2sarge1) ...
install: invalid group `dip'
dpkg: error processing ppp (--configure):
subprocess post-installation script returned error exit status 1
dpkg: dependency problems prevent configuration of pptpd:
pptpd depends on ppp (>= 2.4.3-20041231); however:
Package ppp is not configured yet.
dpkg: error processing pptpd (--configure):
dependency problems - leaving unconfigured
Errors were encountered while processing:
ppp
pptpd
E: Sub-process /usr/bin/dpkg returned an error code (1) - It looks like you skipped the step of creating a 'dip' group:
install: invalid group `dip'
As a result, the ppp package is not configured yet.
You'll need to create the group named 'dip', and then try installing pptpd again. - Well spotted. Sorted. Many tx.
- I cant run
make menuconfig
I just getReadyNAS:/c/devel/linux-2.6.37.6# make menuconfig
*** Unable to find the ncurses libraries or the
*** required header files.
*** 'make menuconfig' requires the ncurses libraries.
***
*** Install ncurses (ncurses-devel) and try again.
***
make[1]: *** [scripts/kconfig/dochecklxdialog] Error 1
make: *** [menuconfig] Error 2
and when i try to upgrade ncurses it wont allow me. - You will definitely need curses to run menuconfig. The error you get when installing curses would be more useful for diagnosing what's going on.
apt-get install libncurses5-dev
You could potentially use "make config" rather than menuconfig to avoid the need for curses, but I recommend against it because it does the job as a long, tedious series of questions that's easy to screw up.
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
