Solved

Linux as PPP server

Posted on 2000-03-29
Last Modified: 2010-03-18
I know it's been asked a hundred times before, but I've already spent about 50 points looking up PAQs and still cannot find the correct answer.

Here's the deal... setting up our RedHat 6.1 as a ppp dialin server.

I installed mgetty. I can dial in and get a shell account access.

How do I turn that to ppp?

I read PPP-HOWTO and that seems hacky... log in, type ppp, then negotiate PPP on the client end? That's bad form.

I read some stuff on comp.os.linux.networking, which helped a little, but not completely.

What I need to know:
Once mgetty is set up (I did compile with -DAUTO_PPP) what next?

How do you set up the pap-secrets file? On the newsgroup I saw that you only need:
* * "" *

How does the client receive its IP? Do I need a DHCP server set up on the dialin server?

Basically: Once mgetty is installed, what files need to be edited, and how?

Thanks... I know this is a huge repeat question, but like I said, I read 6 or 7 PAQs and didn't get my full answer.
Question by:edskee
LVL 2

Author Comment

by:edskee
ID: 2666707
This is the best I get... I get a login shell, regardless of the auto-ppp I turned on... and when I manually run pppd:

pppd: The remote system is required to authenticate itself but I
pppd: couldn't find any secret (password) which would let it use an IP address.

Here's my pap-secrets:
* * "" *

That's it... what pppd options should I use?

This is driving me nuts.
0
 
LVL 4

Accepted Solution

by:
kiffney earned 50 total points
ID: 2671673
You have to edit the /etc/mgetty/login.conf file and set up a line like this:

/AutoPPP/  -  a_ppp   /usr/sbin/pppd

And (this may be the part missing) you have to make sure mgetty answers the phone (and not mingetty, uugetty, agetty, or bibbity-bobbity-getty) by editing /etc/inittab (as root) like this:

S0:2345:respawn:/sbin/mgetty -s 115200 -x 3 ttyS0
if you want it to answer with the modem on ttyS0 (COM1 in DOS world).

Replace /sbin/mgetty with the actual location of your mgetty, and the S0 and ttyS0 with S1 and ttyS1 if you're on that port, etc.

Then tell init to reread the inittab with 'kill -HUP 1'

Be careful editing inittab - you can make your system hard to use with a mistake here (been there myself).

Once you do this mgetty should answer and cough up a PPP connection - then your new troubles (authorization, IP addresses) will begin!

In short, you want /etc/ppp/options.ttyS0 (if you're using serial line 0/com1) to have something like this in  it:

:192.68.1.11  
(or whatever IP address makes sense for the network you're dialing into)
proxyarp  
(so that your dialing-in machine appears to be on the net)
ms-dns 192.68.1.2  
(or whatever address you want windows dialin guys to use for a domain name server, if you have one - don't need to)

Finally, fix pap-secrets like this:

a_name    *     a_password   *

and when you dial in, use that name and password.

That might be enough to get things going.  Let us know what happens.  And be patient, it's a pain to set up, but once set up works perfectly forever.
0
 
LVL 2

Author Comment

by:edskee
ID: 2673559
How do you get it to use the existing username/password combos in /etc/passwd instead of the pap-secrets file?
0
 
LVL 2

Author Comment

by:edskee
ID: 2673582
It works! All except the username and password part... for each person who needs to dialin, I really don't want to have to edit the pap-secrets file... how do I do it otherwise?
0
 
LVL 4

Expert Comment

by:kiffney
ID: 2673610
Use the 'login' option on the server's pppd setup.  You still need an entry in the pap-secrets file, but you can put "" in the secrets column.  The dialer-in has the username in the name column, * in the server column, "" in the secrets column, and either * or a set of IP addresses allowed in the address column.
0
 
LVL 4

Expert Comment

by:kiffney
ID: 2673629
I meant to say, the dialed-into machine has "" in the secrets column and 'login' in the options file - this makes the server check the user's password against /etc/passwd.  You still need a username entry in the server's pap-secrets, but it can just be

*  *  ""  *

and the dialing-in person sets "remotename" to be his login name and his password to be his login password.
0
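The pap-secrets and 'login' combinations discussed in this thread, checked by a small audit script. This is an added example, not code from any poster or from the pppd/mgetty projects. It relies on the pppd behaviour that a "" secret matches any password the peer supplies, so the wildcard line is only safe when 'login' makes pppd also check the system password database. The function name, finding codes and sample file contents are constructed for illustration.

```python
import shlex

def words(line):
    # pppd files are whitespace-separated words; "" is an empty word, # starts a comment
    return shlex.split(line, comments=True)

def audit(pap_secrets, options):
    """Return (code, detail) findings for a dial-in pppd server's PAP setup."""
    opts = {w for line in options.splitlines() for w in words(line)}
    login = "login" in opts
    findings = []
    if "noauth" in opts:
        findings.append(("NOAUTH", "peer is not required to authenticate"))
    for line in pap_secrets.splitlines():
        f = words(line)
        if len(f) < 3:          # blank, comment-only or incomplete line
            continue
        client, secret, addrs = f[0], f[2], f[3:]
        if secret == "" and not login:
            findings.append(("EMPTY_SECRET_NO_LOGIN",
                             f'{client}: "" matches any password and no system check follows'))
        elif secret == "" and client == "*":
            findings.append(("ALL_SYSTEM_ACCOUNTS",
                             "any account with a valid system password can dial in"))
        if "*" in addrs:
            findings.append(("ANY_ADDRESS",
                             f"{client}: entry does not restrict the peer's IP address"))
    return findings

def codes(pap_secrets, options):
    return [code for code, _ in audit(pap_secrets, options)]

# Constructed sample files, modelled on the lines quoted in the thread.
OPTIONS_NO_LOGIN = ":192.68.1.11\nproxyarp\nms-dns 192.68.1.2\n"
OPTIONS_LOGIN = OPTIONS_NO_LOGIN + "login\n"
WILDCARD = '* * "" *\n'
NAMED_SECRET = "a_name * a_password *\n"
PER_USER = '# one line per permitted dial-in account\nalice * "" 192.68.1.11\n'

if __name__ == "__main__":
    for label, secrets, opts in [("wildcard, no login", WILDCARD, OPTIONS_NO_LOGIN),
                                 ("wildcard + login", WILDCARD, OPTIONS_LOGIN),
                                 ("per-user + login", PER_USER, OPTIONS_LOGIN)]:
        print(label)
        for code, detail in audit(secrets, opts) or [("OK", "no findings")]:
            print(f"  {code}: {detail}")
```

Listing each permitted user by name in pap-secrets with "" as the secret keeps passwords in /etc/passwd only, while still limiting which accounts and addresses can be used over the dial-in line.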
 
LVL 2

Author Comment

by:edskee
ID: 2673684
Thanks man, fixed all my problems!
0
