I'm attempting to setup a PopTop VPN server on RedHat 9 (kernel 2.4.20-6). The boss wants to be able to access files from our server while he is at home on the weekends.

Right now I can make a connection to the server from a Windows client only if I turn off encryption options at the client. Obviously, I don't want to do this on a permanent basis.

The HOWTO's that I have read from the PopTop web site seem outdated. It seems like they were written for RedHat 6.x or 7.x with 2.2.x kernels. I'm not sure these outdated HOWTO's are of any value with a 2.4.x kernel.

I have read other articles that mention a kernel patch for Microsoft encryption to work properly. Are these articles talking about 2.2.x kernels or 2.4.x?

I'm nervous about applying kernel patches. I've never done it and I don't want the boss coming down on me for crashing an otherwise stable file server.

Has anyone out there setup PopTop on RedHat 9 with Microsoft encryption? If so, how did you do it? I'm sure your advice will be more accurate than the outdated HOWTO documents I have stumbled across.

After searching high and low I found a current HOWTO. Written just last month (4/15/2005) the document was accurate enough for me to enable MS-CHAPS v2 encryption. The only thing missing from this HOWTO was a mention of the GNU C Complier which I will cover in a moment.

The article can be found at:
http://poptop.sourceforge.net/dox/redhat-howto.phtml

The article also contains links to download the appropriate rpm packages.

Here is a recap of my experience for anyone else trying to duplicate PopTop/Microsoft encryption on RH9. Hopefully this will save some people the days of research and agony that I had to endure :

The sticking point that I ran into - even with this current HOWTO - was installing the kernel_ppp_mppe rpm package. This package would not install for me because it relies on the GNU C Complier. I searched my distributuion CD's and found a gcc rpm package. I tried to install the gcc package but that too failed due to dependencies on other packages.

The answer for me was to install RedHat's development and kernel tools from my distribution CD's from the Bluecurve GUI go to System Settings - Add/Remove Applications, I checked the box to install Development Tools and Kernel Development Tools. This loaded gcc along with all the other dependent rpm packages.

After downloading the development tools I also downloaded and installed the source code rpm for my specific kernel (kernel-source-2.4.20-6.i386.rpm). I'm not sure if this was really necessary, but I had read so many HOWTO documents on this subject and some included this step. I honestly don't know what is happening behind the scenes with all these rpm packages, but I reasoned that if kernel modifications are being made, having the source code installed on the machine would be helpful.

At this point I was able to install kernel_ppp_mppe-0.0.5-2dkms.noarch.rpm from a command line without the dependencies errors. Next I edited the relevant text files using examples from the 04-15-2005 HOWTO document:
/etc/pptpd.conf
/etc/ppp/options.conf
/etc/ppp/chap-secrets

When the text fils were complete I rebooted the server. As the server booted, I noticed a line referring to kernel_ppp_mppe loading successfully.

Now I was ready to adjust the Windows client. From a Windows XP machine I opened the properties of the VPN connection. Under the Security tab I clicked "Advanced" and set the client to use MS-CHAPS v2 encryption.

Using a dial-up intenet connection I was able to connect to the office server. No more encryption error 741. I was able to open a file off the server, make a change, and save it.

Success. At last!