PPTP VPN Dialin
Install mpd4
cd /usr/ports/net/mpd4/
make install clean
Configuration
Edit /usr/local/etc/mpd4/mpd.conf
startup:
# enable TCP-Wrapper (hosts_access(5)) to block unfriendly clients
set global enable tcp-wrapper
# configure the console
set console port 5005
set console ip 0.0.0.0
set console user idefix test
set console open
default:
load pptp1
load pptp2
pptp1:
new -i ng0 pptp1 pptp1
set ipcp ranges 192.168.0.251/32 192.168.0.2/32
load client_standard
pptp2:
new -i ng1 pptp2 pptp2
set ipcp ranges 192.168.0.251/32 192.168.0.3/32
load client_standard
client_standard:
set iface disable on-demand
set iface enable proxy-arp
set iface idle 1800
set iface enable tcpmssfix
set bundle enable multilink
set link yes acfcomp protocomp
set link no pap chap
set link enable chap
set link mtu 1460
set link keep-alive 10 60
set ipcp yes vjcomp
set ipcp dns 192.168.0.251
set ipcp nbns 192.168.0.251
set bundle enable compression
set ccp yes mppc
set ccp yes mpp-e40
set ccp yes mpp-e128
set ccp yes mpp-stateless
Edit /usr/local/etc/mpd4/mpd.links
pptp0:
set link type pptp
set pptp self 0.0.0.0
set pptp enable incoming
set pptp disable originate
pptp1:
set link type pptp
set pptp self 0.0.0.0
set pptp enable incoming
set pptp disable originate
Edit /usr/local/etc/mpd4/mpd.secret
<username> <password>
Fix permissions:
chmod 600 /usr/local/etc/mpd4/mpd.secret
Enable IP forwarding
Edit /etc/rc.conf
gateway_enable="YES"
Enable proxy arp
Edit /etc/rc.conf
arpproxy_all="YES"
Start pptpd
/usr/local/etc/rc.d/mpd4.sh start
Allow access from extern through the firewall
Allow TCP port pptp (1723). Allow protocol GRE.