The title pretty much says it all. Anyone using VPN on slack?

Unfortunately Openvpn has a tgz but doesnt create any sample configs like the rpm does (nor does it create the directories they belong in or permissions...)

Same with Tinc.

Openswan and poptop have kernel patches that are for older kernels with security problems.


If you HAVE a vpn running on slack please tell me which one.

I plan to put this on a firewall and connect with windows remote clients, so they can cifs/samba stuff.

I will build any hardware- use any version of slack.


If anyone can help I would sure appreciate it.




thanks

dan

I use a PopTop server at the office. My Slackware box at home connects to it without any trouble (using the Linux PPTP client), and I haven't heard complaints from my Windows-using colleagues. The system has been running for about 1,5 years now and has never given me any sort of trouble.

The thing with PopTop is, you don't have to use their kernel patches - which are indeed for older kernel versions. You can simply patch your kernel with the MPPE/MPPC patch and follow PopTop's instructions for the rest of the setup. The MPPE/MPPC patches usually follow kernel releases by no more than one or two days.

Sweet, I've googled for hours looking for that patch!!!!!

The closest I could find was 2.6.6 and 2.4.20 -- neither would build against new kernels.


thank you
thank you
thank you

You think that 2.6.11 patch will build on a 2.6.11.2 kernel?


No matter, I'll try tonight. How in hell did you find that page?

This might be something cool for "answers" page. Basic VPN howto on Slack...


dan

I've had two situations where I had to use the MPPC/MPPE patch on a newer kernel than the one it was originally intended for. It compiled just fine in both cases, all I did was symlink /usr/src/linux-my-current-version to /usr/src/linux-version-expected-by-mppc-patchfile, run patch and compile.

I don't remember how I got to that page, because it is indeed a b*tch to find. I later found out that entering "mppe mppc" in Google (forgot to bookmark it ;-)) returns the page as top result. I guess it's all about knowing what to look for, and who comes up with these stupid names like MPPC/MPPE anyway ;-)

The Basic VPN how-to on Slack might not be such a bad idea. Sounds like a nice project for a rainy sunday afternoon.

Willing to give some more help?

Everything compiles well-- looks good-- I can modprobe the modules. Starting pptpd gives no errors. Configs based off of the poptop web site

When I try to connect in win98 -- I get a 629 error

In my /var/log/messages

I get this:
Mar 11 13:07:01 c4kids pptpd[3403]: CTRL: Client my.remote.IP.addy control connection started
Mar 11 13:07:01 c4kids pptpd[3403]: CTRL: Starting call (launching pppd, opening GRE)
Mar 11 13:07:01 c4kids pptpd[3403]: CTRL: Client my.remote.IP.addy control connection finished

Any thoughts?

I did find one article stating that 629 from win98 client is because win98 client is broken and adds the domain to the username. Not sure how thats supposed to look in the chap_secrets file. Hmm...

I don't know much about win98 problems, since all my clients are on win2k.

If I remember correctly, the 629 error is no more than a hangup by the server. Which, of course, can have several reasons. The entries that appear in /var/log/messages don't hold much information about why an error occurred, this information in written to syslog.

Check /var/log/syslog for pptpd error messages. If the info from syslog doesn't yield any additional clues, you can start pptpd with the "--debug" option, which makes it send more debugging information to syslog.

I think syslog holds the answer to your problem, if you can't figure it out just post the relevant syslog entries here.

good luck!