[YLUG] VPN

mike cloaked mike.cloaked at gmail.com
Sun Feb 8 11:40:31 UTC 2009 

On Sun, Feb 8, 2009 at 12:21 AM, Patrick Dupre <pd520 at york.ac.uk> wrote:
> Hello,
>
> Before I updated from fc7 to fedora 10, I used to use pptpconfig
> (pptpconfig-20060821-1.fc7.noarch) to make a vpn connection to
> my machine on the campus. Now, in fedora 10, I also updated pptpconfig
> (pptpconfig-20060821-1.fc10.noarch), but I cannot make the connection:
> I get:
> MPPE required, but MS-CHAP[v2] auth not performed.
> Connection terminated.
> Using interface ppp0pptpconfig: monitoring interface ppp0
>
> What do you recommand to make a vpn connection to vpn.york.ac.uk ?

pptconfig is now somewhat obsolete for F10 (but see my last comment below).

What you need is simply to ensure that you have NetworkManager-pptp
installed using "yum install NetworkManager-pptp" if you are using
gnome, or knetworkmanager-pptp if you are using KDE4.

Then when you click on the NetworkManager applet in the running
desktop you will find that you can create a vpn setup config direct
from NetworkManager. Make sure that you are not blocking the vpn ports
in any firewall on your machine and you will be good to go. When first
testing I would suggest that you turn off your firewall temporarily if
it then works but stops working when the firewall is back on then you
know you are blocking essential ports in the firewall.  If so then you
need to open the necessary ports for pptp - i.e. open pptp port 1723,
and make sure that tcp type gre ("General Routing Encapsulation",
which is 47 numerically, is allowed through.

You will need to get all the vpn settings correct of course otherwise
the vpn will not connect.  However if you were already using the vpn
in F7 then you will be aware of the settings necessary in this new
method.  Also make sure you have the correct routing set up - running
a vpn requires both the correct security settings as well as a correct
routing setup.  Networkmanager will automatically create a new
/etc/resolv.conf once the vpn settings are configured.  When you click
to open the vpn then the NetworkManager icon will show a double ring
circulating on it and when it connects you will have the normal
NetworkManager icon with an additional yellow padlock on it. At this
point the vpn is connected - and right clicking should at that point
say the vpn is connected.

Of course if you have stopped the NetworkManager service and decided
to use the network service instead then this method won't work and you
will have to go back and use the pptpconfig stuff.  However it is
actually rather easier using the new system.

Good luck.



-- 
mike

More information about the York mailing list