Configure pptp vpn service

blind0ne

Well-Known Member

Reaction score: 37
Messages: 256

Hello, I would like to setup VPN server on my machine to connect on from Windows. I've installed mpd from ports, and here is my config. in rc.conf:
Code:
mpd_enable=YES
mpd_flags="-b"
gateway_enable="YES"
And in:
Code:
/u/l/e/mpd5# diff mpd.conf.sample mpd.conf
31c31
<       load dialup
---
>       load pptp_server
184c184
<       set ippool add pool1 192.168.1.50 192.168.1.99
---
>       set ippool add pool1 172.17.0.2 172.17.0.50
193,195c193,194
<       set ipcp ranges 192.168.1.1/32 ippool pool1
<       set ipcp dns 192.168.1.3
<       set ipcp nbns 192.168.1.4
---
>       set ipcp ranges 172.17.0.1/32 ippool pool1
>       set ipcp dns 172.17.0.1
220c219
<         set pptp self 1.2.3.4
---
>         set pptp self 9*.2*.2*.9*
But I still can't connect and don't now where to look for logs or enable them. Thanks
 

SirDice

Administrator
Staff member
Administrator
Moderator

Reaction score: 13,932
Messages: 40,686

I would like to setup VPN server on my machine to connect on from Windows
Does it specifically have to be PPTP? Why don't you simply use OpenVPN? There's a good client for Windows for it.
 
OP
blind0ne

blind0ne

Well-Known Member

Reaction score: 37
Messages: 256

Does it specifically have to be PPTP? Why don't you simply use OpenVPN? There's a good client for Windows for it.
I dont care whitch one to use, just used pptp before. Where I could find info about configuring this openVPN server of freebsd and clients both on win and android?
 

SirDice

Administrator
Staff member
Administrator
Moderator

Reaction score: 13,932
Messages: 40,686

Where I could find info about configuring this openVPN server of freebsd and clients both on win and android?
There are plenty of example configurations on the OpenVPN website. You'll find the Windows client there too (https://openvpn.net/community-downloads/, don't download their "OpenVPN Connect", just use the community version). Don't know if there's a client for Android though. Never had to use one.
 
OP
blind0ne

blind0ne

Well-Known Member

Reaction score: 37
Messages: 256

There are plenty of example configurations on the OpenVPN website. You'll find the Windows client there too (https://openvpn.net/community-downloads/, don't download their "OpenVPN Connect", just use the community version). Don't know if there's a client for Android though. Never had to use one.
i've Installed some kind of open vpn server and it's even works as a service, but Can't figure out how to make a config file for windows client. That why I want something simpler, I dont want to use separete clients on Win and android - just to have simple login/passw. OpenVPN seems to be to complicated and huge in confuguration. I want to just start service and pass login/pass for it. For this moment I just don't understand how to force it to work
 

covacat

Daemon

Reaction score: 791
Messages: 1,451

install easy-rsa port/package on freebsd
it is a collection of shell scripts that simplifies a lot the management of certificates
 
OP
blind0ne

blind0ne

Well-Known Member

Reaction score: 37
Messages: 256

finally I've find out how to enable loging for mpd5, and after connection to log errors are as such:

mpd[13038]: caught fatal signal TERM
mpd[13038]: bind: Can't assign requested address
[13038]: [B_pptp] Bundle: Shutdown
13038]: [L_pptp] Link: Shutdown
[13038]: PPTP: stop waiting for connection on 192.168.0.1 1723
[13038]: process 13038 terminated
[13109]: Multi-link PPP daemon for FreeBSD
[13109]:
[13109]: process 13109 started, version 5.9
13109]: CONSOLE: listening on 127.0.0.1 5005
13109]: web: listening on 0.0.0.0 5006
[13109]: bind: Can't assign requested address
[13109]: PPTP: waiting for connection on 192.168.0.1 1723
[13109]: bind: Can't assign requested address

Please teach me how to handle this link inside
 

hardworkingnewbie

Well-Known Member

Reaction score: 352
Messages: 353

i've Installed some kind of open vpn server and it's even works as a service, but Can't figure out how to make a config file for windows client. That why I want something simpler, I dont want to use separete clients on Win and android - just to have simple login/passw. OpenVPN seems to be to complicated and huge in confuguration. I want to just start service and pass login/pass for it. For this moment I just don't understand how to force it to work
Maybe you should get yourself something like OPNSense, which will generate all the client configuration files for you?

Aside that when you don't want to install dedicated VPN clients on your client devices you'll be stuck with what the underlying OS supports. Which probably will be PPTP and IPSec, mostly.
 

covacat

Daemon

Reaction score: 791
Messages: 1,451

post the whole config file
do you have a local ip 192.168.0.1 ? set pptp self
l2tp + ipsec is the only one supported on windows/ios/macos/android without third party clients

ios/macos have no pptp, android has no ikev2 (or at least used to miss it, never checked newer versions)
 
OP
blind0ne

blind0ne

Well-Known Member

Reaction score: 37
Messages: 256

post the whole config file
do you have a local ip 192.168.0.1 ? set pptp self
l2tp + ipsec is the only one supported on windows/ios/macos/android without third party clients

ios/macos have no pptp, android has no ikev2 (or at least used to miss it, never checked newer versions)
changed config litle bit, new log output for it:
Oct 29 12:44:51 OffGateway mpd[13293]: [L_pptp-1] LCP: SendConfigReq #10
Oct 29 12:44:51 OffGateway mpd[13293]: [L_pptp-1] ACFCOMP
Oct 29 12:44:51 OffGateway mpd[13293]: [L_pptp-1] PROTOCOMP
Oct 29 12:44:51 OffGateway mpd[13293]: [L_pptp-1] MRU 1500
Oct 29 12:44:51 OffGateway mpd[13293]: [L_pptp-1] MAGICNUM 0x006d71d7
Oct 29 12:44:51 OffGateway mpd[13293]: [L_pptp-1] AUTHPROTO CHAP MSOFTv2
Oct 29 12:44:51 OffGateway mpd[13293]: [L_pptp-1] MP MRRU 2048
Oct 29 12:44:51 OffGateway mpd[13293]: [L_pptp-1] MP SHORTSEQ
Oct 29 12:44:51 OffGateway mpd[13293]: [L_pptp-1] ENDPOINTDISC [IP Address] 5b c8 ea 5c
Oct 29 12:44:53 OffGateway mpd[13293]: [L_pptp-1] LCP: parameter negotiation failed
Oct 29 12:44:53 OffGateway mpd[13293]: [L_pptp-1] LCP: state change Req-Sent --> Stopped
Oct 29 12:44:53 OffGateway mpd[13293]: [L_pptp-1] LCP: LayerFinish
Oct 29 12:44:53 OffGateway mpd[13293]: [L_pptp-1] PPTP call terminated
Oct 29 12:44:53 OffGateway mpd[13293]: [L_pptp-1] Link: DOWN event
Oct 29 12:44:53 OffGateway mpd[13293]: [L_pptp-1] LCP: Close event
Oct 29 12:44:53 OffGateway mpd[13293]: [L_pptp-1] LCP: state change Stopped --> Closed
Oct 29 12:44:53 OffGateway mpd[13293]: [L_pptp-1] LCP: Down event
Oct 29 12:44:53 OffGateway mpd[13293]: [L_pptp-1] LCP: state change Closed --> Initial
Oct 29 12:44:53 OffGateway mpd[13293]: [L_pptp-1] Link: SHUTDOWN event
Oct 29 12:44:53 OffGateway mpd[13293]: [L_pptp-1] Link: Shutdown

and config itself:

startup:
set user igor bar admin
set console self 127.0.0.1 5005
set console open
set web self 0.0.0.0 5006
set web open

default:
load pptp_server

pptp_server:
set ippool add pool_pptp 172.16.0.1 172.16.0.2
create bundle template B_pptp
set iface enable proxy-arp
set iface enable tcpmssfix
set ipcp yes vjcomp
set ipcp ranges 172.16.0.1/32 ippool pool_pptp
set ipcp dns 8.8.8.8
set bundle enable compression
set ccp yes mppc
set mppc yes e40
set mppc yes e128
set mppc yes stateless

create link template L_pptp pptp
set link action bundle B_pptp
set link enable multilink
set link no pap chap eap
set link enable chap
set link keep-alive 0 0
set link mtu 1448
set pptp self 91.200.2xx.xx
set pptp enable always-ack
set link enable incoming
 

covacat

Daemon

Reaction score: 791
Messages: 1,451

is any of your server/client behind nat ?
pptp is not nat safe and requires some nat tricks
 
Top